Printer and print system, and data receiving device and data transmitting and receiving system

ABSTRACT

A printer generates a public key with a passphrase containing at least printer position information and a random number by a public key cryptography, and holds this random number. A print client previously acquires the public key from the printer. When transmitting print data to the printer, the print client encrypts the print data in advance with the acquired public key and transmits the encrypted print data as print transmitting data. The printer which has received the print transmitting data generates a private key with a passphrase containing at least printer position information and the held random number by the public key cryptography. The printer then decrypts the received print transmitting data with the private key. Consequently, the security of the print data transmitted from the print client to the printer via a network is ensured.

TECHNICAL FIELD

The present invention relates to a printer and a print system, and adata receiving device and a data transmitting and receiving system, andparticularly relates to a printer and a print system, and a datareceiving device and a data transmitting and receiving system whichensure security of data transmitted to the printer and the datareceiving device.

BACKGROUND ART

These days, a print system in which a printer is shared using a networkhas been increasingly used. Namely, by connecting plural computers asprint clients to one network and connecting, for example, one printer tothis network, the one printer can accept print data from the pluralprint clients and print the print data.

In such a print system using the network, various users can transmitprint data from their respective print clients to the printer andperform printing operations.

However, if the print data transmitted from the print clients is printedby the printer unconditionally, a print operation is executed even bythe printer which is not installed in a place where the users intend toperform the printing operation. In particular, in the printer which ismoved from one place where the printer has been heretofore used toanother place, an IP address or the like which is an address on thenetwork sometimes remains unchanged, and hence the transmitted printdata may be printed by the printer moved to another place. The abovesituation is undesirable for users who want to ensure the security ofprint data.

Moreover, if the print data transmitted from the print clients isprinted by the printer unconditionally, even print data transmitted fromthe print clients which are not duly authorized to perform printing withthe printer is printed by the printer. In this case, print clients ableto perform printing with the printer cannot be restricted, which isundesirable as well. Especially when the possibility of the existence ofusers who transmit a large amount of print data with dishonest intentionis considered, it is necessary to provide some print restriction.

Further, in some cases, a printer which has been used in one departmentof a company is moved to another department and used there. In such acase, even print clients which have heretofore had the authority ofperform printing with this printer are not sometimes wanted to be giventhe authority to perform printing with this printer after the printerhas been moved. In the above situation, there are needs for technologywhich prevents print data from the print clients from being printed onthe printer side (See Japanese Patent Application Laid-open No. Hei11-331144).

Furthermore, it can be assumed that by manipulating path information onthe network to install the same printer in a different position andusing the same network address, another printer disguises itself as atrue printer.

Moreover, there exists a printer into which a certificate toauthenticate the printer itself is incorporated, and when this printeris discarded, it is necessary to certainly delete the certificateincorporated into the printer. However, if a printer becomes unable toexecute a print operation by only changing the installation place of theprinter, the printer can be discarded more safely.

Hence, the present invention is made in view of the aforementionedproblems, and one object of the present invention is to provide a printsystem which ensures security of print data and a printer by restrictingprint data which can be printed based on information on a position wherethe printer is installed. Another object is to provide a datatransmitting and receiving system which ensures security of transmitteddata and a data receiving device by restricting data which can beprocessed based on information on a position where the data receivingdevice is installed.

DISCLOSURE OF INVENTION

In order to accomplish the aforementioned and other objects, accordingto one aspect of the present invention, a printer which processes printdata, comprises:

a printer position information acquisition which acquires printerposition information to specify a place where the printer is installed;

a first printer position information acquisition which acquires printerposition information from the printer position information acquisition,this printer position information being regarded as first printerposition information;

a public key generator which generates a public key with a passphrasecontaining at least the first printer position information and a givennumber;

a print data receiver which receives print data encrypted with thepublic key;

a second printer position information acquisition which acquires printerposition information from the printer position information acquisitionwhen the print data has been received, this printer position informationbeing regarded as second printer position information;

a private key generator which generates a private key with a passphrasecontaining at least the second printer position information and thegiven number; and

a decrypter which decrypts the print data received by the print datareceiver with the private key.

According to another aspect of the present invention, a control methodof a printer which processes print data, comprises the steps of:

acquiring printer position information to specify a place where theprinter is installed from a printer position information acquisition,this printer position information being regarded as first printerposition information;

generating a public key with a passphrase containing at least the firstprinter position information and a given number;

receiving print data from a print client;

acquiring printer position information from the printer positioninformation acquisition when the print data has been received, thisprinter position information being regarded as second printer positioninformation;

generating a private key with a passphrase containing at least thesecond printer position information and the given number; and

decrypting the received print data with the private key.

According to another aspect of the present invention, a print systemincludes at least one printer and at least one print client connected tothe printer via a network, wherein

the printer comprises:

a printer position information acquisition which acquires printerposition information to specify a place where the printer is installed;

a first printer position information acquisition which acquires printerposition information from the printer position information acquisition,this printer position information being regarded as first printerposition information; and

a public key generator which generates a public key with a passphrasecontaining at least the first printer position information and a givennumber,

the print client comprises:

a print data generator which generates print data to be printed by theprinter; and

a print data transmitter which encrypts the print data with the publickey and transmits the encrypted print data to the printer, and

the printer further comprises:

a print data receiver which receives the print data encrypted with thepublic key and transmitted from the print client;

a second printer position information acquisition which acquires printerposition information from the printer position information acquisitionwhen the print data has been received, this printer position informationbeing regarded as second printer position information;

a private key generator which generates a private key with a passphrasecontaining at least the second printer position information and thegiven number; and

a decrypter which decrypts the print data received by the print datareceiver with the private key.

According to another aspect of the present invention, a data receivingdevice which processes data, comprises:

a data receiving device position information acquisition which acquiresdata receiving device position information to specify a place where thedata receiving device is installed;

a first data receiving device position information acquisition whichacquires data receiving device position information from the datareceiving device position information acquisition, this data receivingdevice position information being regarded as first data receivingdevice position information;

a public key generator which generates a public key with a passphrasecontaining at least the first data receiving device position informationand a given number;

a data receiver which receives data encrypted with the public key;

a second data receiving device position information acquisition whichacquires data receiving device position information from the datareceiving device position information acquisition when the data has beenreceived, this data receiving device position information being regardedas second data receiving device position information;

a private key generator which generates a private key with a passphrasecontaining at least the second data receiving device positioninformation and the given number; and

a decrypter which decrypts the data received by the data receiver withthe private key.

According to another aspect of the present invention, a datatransmitting and receiving system includes at least one data receivingdevice and at least one data transmitting device connected to the datareceiving device via a network, wherein

the data receiving device comprises:

a data receiving device position information acquisition which acquiresdata receiving device position information to specify a place where thedata receiving device is installed;

a first data receiving device position information acquisition whichacquires data receiving device position information from the datareceiving device position information acquisition, this data receivingdevice position information being regarded as first data receivingdevice position information; and

a public key generator which generates a public key with a passphrasecontaining at least the first data receiving device position informationand a given number,

the data transmitting device comprises:

a data generator which generates data to be processed by the datareceiving device; and

a data transmitter which encrypts the data with the public key andtransmits the encrypted data to the data receiving device, and

the data receiving device further comprises:

a data receiver which receives the data encrypted with the public keyand transmitted from the data transmitting device;

a second data receiving device position information acquisition whichacquires data receiving device position information from the datareceiving device position information acquisition when the data has beenreceived, this data receiving device position information being regardedas second data receiving device position information;

a private key generator which generates a private key with a passphrasecontaining at least the second data receiving device positioninformation and the given number; and

a decrypter which decrypts the data received by the data receiver withthe private key.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram showing an example of the configuration of a printsystem according to a first embodiment of the present invention;

FIG. 2 is a diagram showing an example of the hardware configuration ofa printer according to the first embodiment of the present invention;

FIG. 3 is diagram showing an example of the configuration of a printclient according to the first embodiment of the present invention;

FIG. 4 is a conceptual diagram explaining encryption and decryption ofprint data with a public key and a private key in the first embodimentof the present invention;

FIG. 5 is a flowchart explaining a public key request process executedby the print client according to the first embodiment of the presentinvention;

FIG. 6 is a diagram showing an example of the structure of a public keytable included in the print client according to the first embodiment ofthe present invention;

FIG. 7 is a part of a flowchart explaining a public key transmissionprocess executed by the printer according to the first embodiment of thepresent invention (First part);

FIG. 8 is a part of the flowchart explaining the public key transmissionprocess executed by the printer according to the first embodiment of thepresent invention (Second part);

FIG. 9 is a flowchart explaining a print request process executed by theprint client according to the first embodiment of the present invention;

FIG. 10 is a flowchart explaining a print execution process executed bythe printer according to the first embodiment of the present invention;

FIG. 11 is a part of a flowchart explaining a public key transmissionprocess executed by a printer according to a second embodiment of thepresent invention;

FIG. 12 is a diagram showing an example of the structure of a randomnumber table included in the printer according to the second embodimentof the present invention;

FIG. 13 is a flowchart explaining a print request process executed by aprint client according to the second embodiment of the presentinvention;

FIG. 14 is a diagram showing an example of the structure of printtransmitting data transmitted from the print client to the printer inthe second embodiment of the present invention;

FIG. 15 is a flowchart explaining a print execution process executed bythe printer according to the second embodiment of the present invention;

FIG. 16 is a flowchart explaining a public key request process executedby a print client according to a third embodiment of the presentinvention;

FIG. 17 is a diagram showing an example of the structure of a public keytable included in the print client according to the third embodiment ofthe present invention;

FIG. 18 is a part of a flowchart explaining a public key transmissionprocess executed by a printer according to the third embodiment of thepresent invention (First part);

FIG. 19 is a part of the flowchart explaining the public keytransmission process executed by the printer according to the thirdembodiment of the present invention (Second part);

FIG. 20 is a diagram showing an example of the structure of a randomnumber table included in the printer according to the third embodimentof the present invention;

FIG. 21 is a flowchart explaining a print request process executed bythe print client according to the third embodiment of the presentinvention;

FIG. 22 is a diagram showing an example of the structure of printtransmitting data transmitted from the print client to the printer inthe third embodiment of the present invention;

FIG. 23 is a flowchart explaining a print execution process executed bythe printer according to the third embodiment of the present invention;

FIG. 24 is a part of a flowchart explaining a print request processexecuted by a print client according to a fourth embodiment (Firstpart);

FIG. 25 is a part of the flowchart explaining the print request processexecuted by the print client according to the fourth embodiment (Secondpart);

FIG. 26 is a part of a flowchart explaining a print execution processexecuted by a printer according to the fourth embodiment (First part);

FIG. 27 is a part of the flowchart explaining the print executionprocess executed by the printer according to the fourth embodiment(Second part);

FIG. 28 is a part of the flowchart explaining the print executionprocess executed by the printer according to the fourth embodiment(Third part);

FIG. 29 is a conceptual diagram explaining encryption and decryption ofprint data with a public key and a private key in a fifth embodiment ofthe present invention;

FIG. 30 is a flowchart explaining a public key request process executedby a print client according to the fifth embodiment of the presentinvention;

FIG. 31 is a diagram showing an example of the structure of a public keytable included in the print client according to the fifth embodiment ofthe present invention;

FIG. 32 is a part of a flowchart explaining a public key transmissionprocess executed by a printer according to the fifth embodiment of thepresent invention (First part);

FIG. 33 is a part of the flowchart explaining the public keytransmission process executed by the printer according to the fifthembodiment of the present invention (Second part);

FIG. 34 is a flowchart explaining a print execution process executed bythe print client according to the fifth embodiment of the presentinvention;

FIG. 35 is a flowchart explaining a print execution process executed bythe printer according to the fifth embodiment of the present invention;

FIG. 36 is a flowchart explaining a public key request process executedby a print client according to a sixth embodiment of the presentinvention;

FIG. 37 is a diagram showing an example of the structure of a public keytable included in the print client according to the sixth embodiment ofthe present invention;

FIG. 38 is a flowchart explaining a print request process executed bythe print client according to the sixth embodiment of the presentinvention;

FIG. 39 is a part of a flowchart explaining a print request processexecuted by a print client according to a seventh embodiment (Firstpart);

FIG. 40 is a part of the flowchart explaining the print request processexecuted by the print client according to the seventh embodiment (Secondpart);

FIG. 41 is a part of a flowchart explaining a print execution processexecuted by a printer according to the seventh embodiment (First part);

FIG. 42 is a part of the flowchart explaining the print executionprocess executed by the printer according to the seventh embodiment(Second part);

FIG. 43 is a part of the flowchart explaining the print executionprocess executed by the printer according to the seventh embodiment(Third part);

FIG. 44 is a diagram explaining an example in which in place of a randomnumber, an algorithm and additional information are transmitted from theprinter to the print client (a case where a given number is transmittedfrom the print client to the printer);

FIG. 45 is a diagram showing a modification of FIG. 44 (a case where analgorithm and additional information are transmitted from the printclient to the printer); and

FIG. 46 is a diagram showing another modification of FIG. 44 (a casewhere additional information is transmitted from the print client to theprinter without an algorithm being transmitted).

PREFERRED EMBODIMENTS First Embodiment

In a print system according to the first embodiment of the presentinvention, a public key is generated with at least printer positioninformation indicating a position where a printer is installed, a printclient acquires this public key, and when the print client transmitsprint data to the printer, the print data is transmitted as printtransmitting data which is generated by encrypting the print data withthe acquired public key. The printer which has received the printtransmitting data generates a private key again with at least printerposition information at this point in time at the time of reception andexecutes a print operation only when the print transmitting data hasbeen decrypted with this private key. Moreover, generally, in a publickey cryptography, a random number is used when a public key and aprivate key are generated, and in this embodiment, a random number ispreviously registered with the printer, and thereby a random number usedwhen the public key to be transmitted to the print client is generatedand a random number used when the private key is generated to decryptthe print transmitting data are made the same, which makes it possibleto obtain the same private key if the printer position information isunchanged. Further details will be given below.

First, the configuration of the print system according to thisembodiment will be explained based on FIG. 1. FIG. 1 is a block diagramshowing the hardware configuration of the print system according to thisembodiment.

As shown in FIG. 1, the print system according to this embodimentincludes print clients 20, 22 connected to a network 10 and printers 30,32 also connected to the network 10. In this embodiment, the network 10is constituted by the Internet using TCP/IP (transmission controlprotocol/internet protocol). However, the form of the network 10 is notlimited to the Internet, and, for example, it may be constituted by aLAN such as Ethernet (registered trademark) or by mixing the Internetand the LAN.

The print clients 20, 22 are each composed of any of various kinds ofcomputers, for example, called a host computer and a personal computer.In this embodiment, in particular, the print clients 20, 22 generateprint transmitting data by encrypting print data with a public key andtransmit this print transmitting data to the printer 30 and/or theprinter 32 via the network 10. The number of print clients connected tothe network 10 is optional, and it may be one or more than one.Moreover, the print client is not limited to a computer, and, forexample, it may be a digital camera with a necessity to print a takenimage, a content server in which print image data is stored as contents,or the like.

Further, in this embodiment, the printers 30, 32 are so-called networkprinters. In this embodiment, particularly, the printers 30, 32 receiveprint transmitting data from the print client 20 and/or the print client22 and decrypt this print transmitting data with a private key which isgenerated with a passphrase containing at least printer positioninformation and a random number held in the printers 30, 32. When theprint transmitting data has been decrypted, a print operation based onthe print transmitting data is executed, and when the print transmittingdata has not been decrypted, the print operation based on the printtransmitting data is not executed.

In this embodiment, the printers 30, 32 are directly connected to thenetwork 10, and each of the printers 30, 32 has its own peculiar networkaddress. Accordingly, the print clients 20, 22 can transmit the printtransmitting data to the printer 30 or the printer 32 by designating itsnetwork address.

Incidentally, the printers 30, 32 are directly connected to the network10 in FIG. 1, but the printers 30, 32 may be connected thereto via aprinter server. Moreover, the number of printers connected to thenetwork 10 is optional, and it may be one or more than one.

FIG. 2 is a block diagram explaining the internal configuration of theprinter 30. It should be mentioned that the internal configuration ofthe printer 32 is the same as that of the printer 30.

As shown in FIG. 2, the printer 30 includes a CPU (Central ProcessingUnit) 40, a RAM (Random Access Memory) 42, and a ROM (Read Only Memory)44, and they are connected to each other via an internal bus 46. Acommunication interface 48 is connected to the internal bus 46, and theprinter 30 is connected to the aforementioned network 10 via thecommunication interface 48. In addition, an interface 50 is connected tothe internal bus 46, and a print engine 52 is connected to the interface50.

Moreover, a position detector 54 is connected to the internal bus 46.This position detector 54 has a function of specifying a position wherethe printer 30 is installed. In this embodiment, the position detector54 is constituted, for example, by a GPS (global positioning system),and the latitude, longitude, and altitude of the position where theprinter 30 is installed can be specified. It is said that the accuracyof the GPS at the present time is approximately ±10 m in the latitude,the longitude, and the altitude, respectively.

However, the constitution of the position detector 54 is not limited tothe constitution using the GPS, and, for example, when the printer 30 isconnected to the network 10 by a wireless LAN, the position of theprinter 30 may be specified based on a wireless base station whichaccommodates the printer 30. Alternatively, the position of the printer30 may be specified by using mobile communication technology includingthe PHS (Personal Handyphone System).

Further, a hard disk 58 is connected to the internal bus 46 via aninterface 56. In this embodiment, the hard disk 58 functions as arewritable nonvolatile memory device.

FIG. 3 is a block diagram for explaining the internal configuration ofthe print client 20. It should be mentioned that the internalconfiguration of the print client 22 is the same as that of the printclient 20 in this embodiment.

As shown in FIG. 3, the print client 20 according to this embodimentincludes a computer main unit 60 and a display 62.

The computer main unit 60 includes a CPU 64, a RAM 66, and a ROM 68, andthey are connected to each other via an internal bus 70. A communicationinterface 72 is connected to the internal bus 70, and the print client20 is connected to the aforementioned network 10 via the communicationinterface 72.

In addition, an interface 74 is connected to the internal bus 70, and ahard disk 76 which is a large capacity storage is connected to theinterface 74. In this embodiment, this hard disk 76 functions as arewritable nonvolatile memory device. Moreover, an interface 78 isconnected to the internal bus 70, and the aforementioned display 62 isconnected via a cable 80 which extends from the interface 78.

Next, a brief explanation of a process, for example, when the printclient 20 performs printing with the printer 30 in the print systemaccording to this embodiment will be given.

In this case, the print client 20 previously acquires, for example, fromthe printer 30 a public key of this printer 30. In this embodiment, thepublic key is acquired via the network 10. Namely, the printer 30confirms whether the print client 20 which requests the transmission ofthe public key has rightful authority, and only when the print clienthas rightful authority, the printer 30 notifies the print client of itspublic key. The printer 30 generates this public key with a passphrasecontaining at least printer position information indicating a positionwhere the printer 30 is installed and a random number generated and heldin the printer 30 by a public key cryptography. In other words, theprinter has a function of holding the random number to be used by thepublic key cryptography.

Incidentally, at this time, a generated private key is deleted. Namely,in the general public key cryptography, a public key and a private keyare generated at the same time. Therefore, in this embodiment, even if aprivate key is generated concomitantly with the generation of a publickey, the private key is deleted. Consequently, when the installationposition of the printer 30 has been moved, print transmitting dataencrypted with a public key generated before the movement cannot bedecrypted by the printer 30 after the movement.

However, the printer 30 need not necessarily notify the print client 20of the public key of the printer 30 via the network 10. For example, ifa user of the print client 20 has rightful authority, he or she can goto the installation place of the printer 30 and operate the printer 30,whereby it is also possible that the user operates a control panel ofthe printer 30 and acquires the public key of the printer 30. In thiscase, it is also possible that the user records the public key of theprinter 30 on a record medium such as a flexible disk and makes theprint client 20 read this public key.

Then, as shown in FIG. 4, the user of the print client 20 generatesprint data D05 which is data to be printed, designates the printer 30for the print client 20, and instructs a print operation.

The print client 20 encrypts the print data D05 with the previouslyacquired public key of the printer 30 to generate print transmittingdata D10. Here, the print data D05 means original print data needed fora print operation executed by driving the print engine 52 in the printer30. Incidentally, the print transmitting data D10 may contain data otherthan the print data D05 shown in FIG. 4.

The printer 30 which has received the print transmitting data D10temporarily stores the received print transmitting data D10 in the RAM42 as shown in FIG. 2. The printer 30 then decrypts the encrypted printtransmitting data D10 with a private key. Namely, the printer 30generates the private key using a passphrase containing at least printerposition information and the random number generated and held in theprinter 30 by the public key cryptography.

Subsequently, the printer 30 judges whether the print transmitting dataD10 has been decrypted. The printer 30 executes a print operation basedon the print data D05 acquired by decrypting the print transmitting dataD10 when the print transmitting data D10 has been decrypted, and doesnot execute the print operation when the print transmitting data D10 hasnot been decrypted.

Next, the contents of the aforementioned process will be explained indetail using flowcharts. First, processes in the print clients 20, 22and the printers 30, 32 when the print clients 20, 22 each acquire apublic key will be explained.

FIG. 5 is a flowchart explaining a public key request process executedin the print clients 20, 22. This public key request process is realizedby making the CPU 64 read and execute a public key request programstored in the ROM 68 or the hard disk 76 of the print client. In thisembodiment, this public key request process is started and executed whenthe user inputs an instruction to start a process of making a requestfor a public key to the print client.

Incidentally, hereinafter, assuming a case where the print client 20makes a request for a public key to the printer 30, the process will beexplained.

As shown in FIG. 5, in the public key request process, the print client20 first connects with the printer 30 (step S100). In this embodiment,the print client 20 establishes a connection between the print client 20and the printer 30 by designating the network address of the printer 30.Moreover, in this embodiment, the connection between the print client 20and the printer 30 is established after security is ensured by SSL(Secure Socket Layer) communication or the like.

Thereafter, the print client 20 transmits authentication information tothe printer 30 (step S102). In this embodiment, a combination of a printclient ID to specify the print client and a password is used as theauthentication information. Accordingly, the print client 20 transmitsthe print client ID and the password to the printer 30.

Subsequently, the print client 20 receives an authentication resultindicating whether authentication has been accepted from the printer 30,and judges whether the authentication has been accepted by the printer30 based on the authentication result (step S104). When theauthentication has not been accepted (step S104: No), the print client20 repeats the aforementioned process from step S102.

On the other hand, when the authentication has been accepted (step S104:Yes), the print client 20 transmits a public key acquisition request tothe printer 30 (step S106). Then, the print client 20 judges whether apublic key has been received from the printer 30 (step S108). When thepublic key has not been received from the printer 30 (step S108: No),the print client 20 stands by while repeating step S108.

On the other hand, when the public key has been received from theprinter 30 (step S108: Yes), the public key is stored (step S110). Inthis embodiment, the print client 20 is provided with a public key tableTB10 on the hard disk 76, and the acquired public key is stored and heldin this public key table TB10.

FIG. 6 is a diagram showing an example of the structure of the publickey table TB10. As shown in FIG. 6, the public key table TB10 includesan item TD10 which stores information to specify printers and an itemTD11 which stores acquired public keys in a one-to-one correspondencewith the printers. As just described, the public key table TB10 can holdpublic keys concerning plural printers on a printer-by-printer basis.Moreover, by storing the public keys in the public key table TB10 on thehard disk 76 in this manner, even when the print client 20 is poweredoff and then powered on again, the public keys acquired before thepower-on can be read from the hard disk 76 and used as they are.

As shown in FIG. 5, the print client 20 then cuts the connection withthe printer 30 (step S112). Thus, the public key request process shownin FIG. 5 is completed.

Next, a public key transmission process executed in the printers 30, 32corresponding to the public key request process in the print clients 20,22 will be explained based on FIG. 7 and FIG. 8. FIG. 7 and FIG. 8 areflowcharts explaining the public key transmission process executed inthe printers 30, 32. The public key transmission process is realized bymaking the CPU 40 read and execute a public key transmission programstored in the ROM 44 or the hard disk 58 of the printer. Moreover, thispublic key transmission process is started corresponding to theaforementioned public key request process.

Also here, similarly to the above, assuming the case where the printclient 20 makes the request for the public key to the printer 30, thefollowing explanation is given.

As shown in FIG. 7, first, the printer 30 is waiting for a connectionfrom the print client 20, and establishes a connection with the printclient 20 when the connection is requested from the print client 20(step S120). This corresponds to the aforementioned step S100 on theprint client 20 side. Namely, the connection is established aftersecurity is ensured by the SSL communication or the like. Subsequently,the printer 30 judges whether the authentication information has beenreceived from the print client 20 (step S122). When the authenticationinformation has not been received (step S122: No), the printer 30 standsby while repeating the process in step S122.

On the other hand, when the authentication information has been receivedfrom the print client 20 (step S122: Yes), the printer 30 judges whetherthis authentication information coincides with authenticationinformation which is previously registered with the printer 30 (stepS124). More specifically, since the print client ID and the password aretransmitted as the authentication information from the print client 20as described above, the printer 30 judges whether these client ID andpassword coincide with a print client ID and a password which arepreviously registered with the printer 30.

When these two pieces of authentication information do not coincide(step S124: No), the printer 30 transmits the authentication resultindicating that the authentication has not been accepted to the printclient 20 (step S126), and in step S154 in FIG. 8 described later, theconnection with the print client 20 is ended. On the other hand, whenthese two pieces of authentication information coincide (step S124:Yes), the printer 30 transmits the authentication result indicating thatthe authentication has been accepted to the print client 20 (step S128).

Thereafter, the printer 30 judges whether the public key acquisitionrequest has been received from the print client 20 (step S130). When thepublic key acquisition request has not been received (step S130: No),the printer 30 stands by while repeating the process in step S130.

On the other hand, when the public key acquisition request has beenreceived from the print client 20 (step S130: Yes), the printer 30acquires device-specific information on the printer 30 (step S132).Here, the device-specific information is identification informationspecifically assigned to the printer 30, and it is, for example, amanufacturer's serial number, a MAC address, or the like of the printer30.

Then, as shown in FIG. 8, the printer 30 acquires printer positioninformation on the printer 30 at this point in time from the positiondetector 54 (step S140). The reason why the printer position informationis acquired from the position detector 54 each time as described justabove is in order that, when the printer 30 has been moved to adifferent place, a public key is generated with position informationafter the movement.

Subsequently, the printer 30 creates a passphrase with thedevice-specific information and the printer position information (stepS142). There are various methods of creating the passphrase, and in thisembodiment, the passphrase is created by simply joining the printerposition information after the device-specific information.Incidentally, the passphrase may contain data other than thesedevice-specific information and printer position information.

Thereafter, the printer 30 judges whether a random number of the printer30 is previously registered (step S144). When no random number isregistered (step S144: No), the printer 30 generates one random numberand registers this random number on the hard disk 58 (step S146).Namely, in this embodiment, each printer generates a random number onlyonce and registers and holds the random number on the hard disk 58. Thegeneration of the random number is performed when the printer 30performs this public key transmission process for the first time.Moreover, since the printer 30 holds the random number on the hard disk58, the random number is held in a nonvolatile manner even when theprinter 30 is powered off. Therefore, even when the printer 30 ispowered on again, the hitherto used random number is effectively held.Incidentally, the aforementioned generation of the random number of theprinter 30 need not be necessarily performed in the public keytransmission process, and may be performed in some other process. Forexample, when the printer 30 is shipped from a factory, the randomnumber may be previously generated, and registered and held on the harddisk 58.

On the other hand, when the random number is held on the hard disk 58(step S144: Yes), the process in step S146 is bypassed.

Then, the printer 30 reads and acquires the random number of thisprinter 30 from the hard disk 58 (step S148).

Thereafter, the printer 30 generates a public key and a private key withthe passphrase created in step S142 and the random number acquired instep S148 by the public key cryptography (step S150). The public keycryptography has the property that the same public key and private keyare generated again if the same passphrase and random number are used.Then, the printer 30 transmits only the public key out of the generatedpublic key and private key to the print client 20 (step S152).Incidentally, the private key is deleted without being saved.

Subsequently, the printer 30 ends the connection with the print client20 (step S154). Thus, the public key transmission process according tothis embodiment is completed.

Next, processes in the print clients 20, 22 and the printers 30, 32 whenthe print clients 20, 22 want to perform printing and transmit a printrequest to the printers 30, 32 will be explained in detail.

FIG. 9 is a flowchart explaining a print request process executed in theprint clients 20, 22. This print request process is realized by makingthe CPU 64 read and execute a print request program stored in the ROM 68or the hard disk 76 of the print client. In this embodiment, this printrequest process is started and executed when the user inputs a printinstruction to the print client.

Here, assuming a case where the print client 20 makes a print request tothe printer 30, the following explanation is given.

As shown in FIG. 9, the print client 20 generates the print data D05based on a print request from the user (step S160). This print data D05is data necessary for an actual print operation when the printer 30 isan ordinary printer.

Then, the print client 20 reads the public key of the printer 30 fromthe public key table TB10 on the hard disk 76 (step S162). Subsequently,the print client 20 encrypts the print data D05 with the public key ofthe printer 30 to generate the print transmitting data D10 (step S164).Incidentally, the print transmitting data D10 may contain data otherthan the print data.

Thereafter, the print client 20 establishes a connection with theprinter 30 (step S165). Then, the print client 20 transmits theencrypted print transmitting data D10 to the printer 30 (step S166).More specifically, the print client 20 designates the network address ofthe printer 30 and sends out the print transmitting data D10 to thenetwork 10.

Subsequently, the print client 20 judges whether print resultinformation has been received from the printer 30 (step S168). When theprint result information has not been received (step S168: No), theprint client 20 stands by while repeating the process in step S168. Onthe other hand, when the print result information has been received(step S168: Yes), the print client 20 judges whether the print resultinformation is a print completion notice (step S170).

When this print result information is the print completion notice (stepS170: Yes), it means that the printer 30 has properly completed theprint operation, and hence the print client 20 notifies the user thatthe printer 30 has completed the print operation (step S172). On theother hand, when the received print result information is not the printcompletion notice (step S170: No), whether the print result informationis an undecryptable notice is judged (step S174).

When the print result information is the undecryptable notice (stepS174: Yes), the print client 20 notifies the user that since the printtransmitting data D10 has not been decrypted by the printer 30, theprint operation has not been executed (step S176). On the other hand,when the print result information is not the undecryptable notice (stepS174: No), some other error is thought to occur, and hence the printclient 20 gives notice according to the type of the error to the user(step S178).

After the notice in step S172, step S176, or step S178, the print client20 cuts the connection with the printer 30 (step S179). Thus, the printrequest process in the print client 20 is completed.

Next, a print execution process executed in the printers 30, 32corresponding to the print request process in the print clients 20, 22will be explained based on FIG. 10. FIG. 10 is a flowchart explainingthe print execution process executed in the printers 30, 32. This printexecution process is realized by making the CPU 40 read and execute aprint execution program stored in the ROM 44 or the hard disk 58 of eachof the printers 30, 32. In this embodiment, this print execution processis regularly executed at predetermined time intervals.

Also here, similarly to the above, assuming the case where the printclient 20 makes the print request to the printer 30, the followingexplanation is given.

As shown in FIG. 10, the printer 30 is waiting for a connection from theprint client 20 and establishes a connection with the print client 20via the network 10 when the connection is requested from the printclient 20 (step S180). After the connection with the print client 20 hasbeen established, the printer 30 judges whether the print transmittingdata D10 has been received from the network 10 (step S181). When noprint transmitting data D10 has been received (step S181: No), theprinter 30 stands by while repeating the process in step S181.

On the other hand, when the print transmitting data D10 has beenreceived (step S181: Yes), the printer 30 acquires its owndevice-specific information (step S182). Subsequently, the printer 30acquires printer position information on the printer 30 at this point intime from the position detector 54 (step S184). The reason why theprinter position information is acquired from the position detector 54each time as described just above is that, when the printer 30 has beenmoved to a different place, there is a possibility that the printer 30is installed in a place where the user does not intend to performprinting, and in order that, in such a case, the print operation is notexecuted by the printer 30.

Then, the printer 30 creates a passphrase based on the device-specificinformation and the printer position information (step S186). The methodof creating the passphrase needs to be the same method as in step S142in the aforementioned public key transmission process. This is because,if the passphrases are different, the print transmitting data encryptedwith the public key transmitted to the print client cannot be decryptedwith a private key.

Thereafter, the printer 30 reads and acquires the random number of theprinter 30 registered and held in the aforementioned step S146 from thehard disk 58 (step S188). Then, the printer 30 generates a public keyand a private key with the generated passphrase and the acquired randomnumber by the public key cryptography (step S190). These passphrase andrandom number used in step S190 are the same as those used in step S150in the aforementioned public key transmission process if theinstallation position of the printer 30 has not been moved. Hence, thesame public key and private key as generated in step S150 are generated.Subsequently, the printer 30 decrypts the received print transmittingdata D10 with the generated private key and acquires the print data D05(step S192).

Then, the printer 30 judges whether the print transmitting data D10 hasbeen decrypted with the private key (step S194). When the printtransmitting data D10 has been decrypted (step S194: Yes), the printer30 executes the print operation by driving the print engine 52 based onthe acquired print data D05 (step S196). More specifically, the printer30 performs a language interpretation of the print data D05 andgenerates print request data fitting the print engine 52. Then, bytransmitting this print request data to the print engine 52, printsheets or the like are printed by the print engine 52.

As can be seen from the above, in this embodiment, the private key isgenerated with the passphrase containing at least the printer positioninformation detected by the position detector 54 and the random numberregistered with the printer 30, and when the print transmitting data D10has been decrypted with this private key, it is judged that the printtransmitting data D10 matches the printer position information.

At a point in time when the print operation has been properly completed,the printer 30 transmits the print completion notice that the printoperation has been properly completed as the print result information tothe print client 20 (step S198).

Contrary to this, when it is judged in step S194 that the printtransmitting data D10 has not been decrypted (step S194: No), theprinter 30 transmits the undecryptable notice as the print resultinformation to the print client 20 (step S200). Namely, in thisembodiment, when the private key is generated with the passphrasecontaining at least the printer position information detected by theposition detector 54 and the random number registered with the printer30 but the print transmitting data D10 has not been decrypted with thisprivate key, it is judged that that the print transmitting data D10 doesnot match the printer position information.

After step S198 or step S200, the printer 30 ends the connection withthe print client 20 (step S202). Then, the printer 30 returns to theaforementioned process in step S180.

As described above, according to the print system of this embodiment,the print clients 20, 22 can limit a printer able to print thetransmitted encrypted print transmitting data D10 based on printerposition information, so that the execution of a print operation by aprinter installed in a position where the users of the print clients 20,22 do not intend to perform printing can be avoided. For example, evenif the print transmitting data D10 is transmitted by mistake to theprinter 30 from the print client 20 when the printer 30 has been movedto a different place but the network address of the printer 30 in thenetwork 10 remains unchanged, the printer position information ischanged in the printer 30, whereby the passphrase created in step S186is different from that before the movement. Hence, the printtransmitting data D10 cannot be decrypted with a private key generatedwith this passphrase, and thereby the print operation cannot be executedby the printer 30. Consequently, the security of the print data D05 canbe enhanced.

On the other hand, also on the printers 30, 32 side, the transmission ofprint data to the printers 30, 32 by somebody who is not duly authorizedto perform printing with the printers 30, 32 and the execution of alarge print operation by the printers 30, 32 can be avoided. Forexample, even if a third party can know the network address of theprinter 30 for some reason and tries to transmit the print transmittingdata D10 to the printer 30, the third party cannot acquire the publickey of the printer 30. Even if this user generates the printtransmitting data D10 by encrypting the print data D05 with a differentpublic key or generates the print transmitting data D10 withoutencryption and transmits the print transmitting data D10 to the printer30, it is judged in step S194 of the print execution process that theprint transmitting data D10 has not been decrypted, and hence it becomesimpossible to make the printer 30 execute the print operation.Consequently, the security of the printer 30 itself can be enhanced.

Moreover, in this embodiment, the passphrase contains thedevice-specific information, and hence even if the third party can knowthe position of the printer 30 for some reason, the passphrase used inthe printer 30 cannot be specified unless the device-specificinformation on the printer 30 is known. This makes it extremelydifficult for the third party to disguise itself as the printer 30 toreceive the print transmitting data D10 and decrypt this printtransmitting data D10.

Further, in this embodiment, the public key and the private key aregenerated with the random number in addition to the passphrase, whichmakes it still more difficult for the third party to disguise itself asthe printer 30 to receive the print transmitting data D10 and decryptthis print transmitting data D10.

Furthermore, the random number is generated for each printer, and thegenerated random number is held in a rewritable nonvolatile memorydevice such as a hard disk, whereby the same random number as used whenthe public key is generated can be used when the private key isgenerated. Therefore, the private key capable of decrypting the printtransmitting data D10 which is encrypted with the public key generatedusing this random number can be generated again.

Second Embodiment

In the second embodiment of the present invention, the printers 30, 32each generate and hold a random number used when a public key and aprivate key are generated for each print client, which makes it moredifficult for a third party to guess the random number. Further detailswill be given below.

It should be mentioned that the configuration of a print systemaccording to this embodiment is the same as that in FIG. 1 in the firstembodiment, the configurations of the printers 30, 32 are the same asthat in FIG. 2 described above, and the configurations of the printclients 20, 22 are the same as that in FIG. 3 described above. Moreover,a public key request process executed in the print clients 20, 22according to this embodiment is the same as that in the aforementionedfirst embodiment.

FIG. 11 is a flowchart explaining a part of a public key transmissionprocess executed in the printers 30, 32 according to this embodiment andcorresponds to FIG. 8 in the aforementioned first embodiment.

As shown in FIG. 11, the public key transmission process according tothis embodiment is the same as that in the aforementioned firstembodiment until the creation of the passphrase shown in step S142, butdifferent therefrom in the process thereafter. More specifically, aftercreating the passphrase, the printer 30 judges whether a random numberof the print client which requests a public key is registered with thisprinter 30 (step 5300).

FIG. 12 is a diagram showing an example of the structure of a randomnumber table TB20 in which random numbers are registered for respectiveprint clients held in the printer 30 according to this embodiment. Inthis embodiment, this random number table TB20 is stored and held on thehard disk 58.

As shown in FIG. 12, the random number table TB20 includes a printclient ID DT20 and a random number TD21 as data items. The print clientID TD20 stores print client IDs as information to specify print clients.The random number TD21 stores random numbers in a one-to-onecorrespondence with the print client IDs in the print client ID TD20.

In this embodiment, as described before in step S122 in the firstembodiment, the print client ID and the password as identificationinformation are transmitted from each of the print clients 20, 22 to theprinter 30. Therefore, in step 5300, it is judged whether the printclient ID received from each of the print clients 20, 22 is registeredin the random number table TB20 and its random number is held therein.

As shown in FIG. 11, when the random number of the print client inquestion is not registered with the printer 30 (step S300: No), theprinter 30 generates one random number for this print client andregisters it in the random number table TB20 (step S302). Morespecifically, the printer 30 registers the print client ID of the printclient and the generated random number in the random number table TB20.

On the other hand, when the random number is registered with the printer30 (step S300: Yes), the process in step S302 is bypassed.

Then, the printer 30 reads and acquires the random number of the printclient which requests the transmission of the public key (step S304).

Thereafter, the printer 30 generates a public key and a private key withthe passphrase created in step S142 and the random number acquired instep S304 by the public key cryptography (step S306). Then, similarly tothe aforementioned first embodiment, the printer 30 transmits only thepublic key out of the generated public key and private key to the printclient 20 (step S152). Incidentally, the private key is deleted withoutbeing saved.

Subsequently, the printer 30 ends the connection with the print client20 (step S154). Thus, the public key transmission process according tothis embodiment is completed.

Next, a print request process executed in the print clients 20, 22according to this embodiment will be explained based on FIG. 13. FIG. 13is a flowchart explaining the print request process executed in theprint clients 20, 22 according to this embodiment.

As shown in FIG. 13, the print request process according to thisembodiment is different from that according to the aforementioned firstembodiment in a process for generating print transmitting data. Namely,after reading the public key in step S162, the print client 20 encryptsthe print data D05 with the public key (step S310).

Then, the print client 20 adds its own print client ID to the encryptedprint data D05 to generate print transmitting data (step S312). FIG. 14is a diagram showing an example of a format of print transmitting dataD20 according to this embodiment. As shown in FIG. 14, the printtransmitting data D20 according to this embodiment is structured byadding a print client ID D15 which is not encrypted with the public keyread in step S162 to the print data D05 which is encrypted with thepublic key read in step S162.

The reason why the print client ID D15 is not encrypted with the publickey read in step S162 is that since the printer 30 holds differentrandom numbers for respective print clients, a private key cannot begenerated if the print client ID D15 cannot be specified. Therefore, itis possible to encrypt the print client ID D15 without using the publickey read in step S162 by a different cryptography. Incidentally, theprint transmitting data D20 may contain data other than these printclient ID D15 and print data D05.

Moreover, in this embodiment, the print client ID D15, together with theprint data D05, is transmitted, but the print client ID D15 may betransmitted separately from the print data D05. In this case, the printclient ID dl5 may be transmitted before or after the print data D05 ifrelevance to the print data D05 is maintained.

The process after step S312 is the same as in the aforementioned firstembodiment.

Next, a print execution process executed in the printers 30, 32according to this embodiment will be explained based on FIG. 15. FIG. 15is a flowchart explaining the print execution process executed in theprinters 30, 32 according to this embodiment.

As shown in FIG. 15, the print execution process according to thisembodiment is different from that according to the aforementioned firstembodiment in a process of acquiring a random number. Namely, aftercreating the passphrase in step S186, the printer 30 extracts andacquires the print client ID D15 from the received print transmittingdata D20 (step S320).

Then, the printer 30 searches the random number table TB20 using theprint client ID as a search key, and reads and acquires a random numberof the print client in question from the random table TB20 (step S322).Subsequently, the printer 30 generates a public key and a private keywith the passphrase generated in step S186 and the random numberacquired in step S322 by the public key cryptography (step S324).

The process after step S324 is the same as in the aforementioned firstembodiment.

As described above, the same effect as in the aforementioned firstembodiment can be obtained also by the print system according to thisembodiment. Moreover, according to the print system of this embodiment,the printers 30, 32 each generate and hold a random number for each ofprint clients, which can make it extremely difficult for the third partyto guess the random number.

Third Embodiment

In the third embodiment of the present invention, the printers 30, 32each generate and hold a random number used when a public key and aprivate key are generated for each user, which makes it more difficultfor a third party to guess the random number. Further details will begiven below.

It should be mentioned that the configuration of a print systemaccording to this embodiment is the same as that in FIG. 1 in theaforementioned first embodiment, the configurations of the printers 30,32 are the same as that in FIG. 2 described above, and theconfigurations of the print clients 20, 22 are the same as that in FIG.3 described above.

FIG. 16 is a flowchart explaining a part of a public key request processexecuted in the print clients 20, 22 according to this embodiment, andcorresponds to FIG. 5 in the aforementioned first embodiment.

As shown in FIG. 16, the public key request process according to thisembodiment is different from that according to the aforementioned firstembodiment in the process after the authentication has been accepted instep S104. Namely, when the authentication has been accepted (step S104:Yes), the print client 20 transmits a user ID of a user which requests apublic key and a public key acquisition request to the printer 30 (stepS400). In this embodiment, the user operates a keyboard or the like toinput the user ID to the print client and transmits the inputted user IDto the printer 30.

Then, the print client 20 judges whether the public key has beenreceived from the printer 30 (step S402). When the public key has notbeen received from the printer 30 (step S402: No), the print client 20stands by while repeating step S402.

On the other hand, when the public key has been received from theprinter 30 (step S402: Yes), the public key is stored (step S404). Inthis embodiment, the print client 20 is provided with a public key tableTB30 on a printer-by-printer basis on the hard disk 76, and the acquiredpublic key is stored and held in this public key table TB30.

FIG. 17 is a diagram showing an example of the structure of the publickey table TB30. As shown in FIG. 17, in the public key table TB30, atable is formed for each of the printers 30, 32, and each table includesan item TD30 which stores information to specify users and an item TD31which stores acquired public keys in a one-to-one correspondence withthe users. As just described, the public key table TB30 can hold publickeys concerning plural users on a user-by-user basis and on aprinter-by-printer basis. Moreover, by storing the public keys in thepublic key table TB30 on the hard disk 76 in this manner, even when theprint client 20 is powered off and then powered on again, the publickeys acquired before the power-on can be read from the hard disk 76 andused as they are.

As shown in FIG. 16, the print client 20 then cuts the connection withthe printer 30 (step S406). Thus, the public key request process shownin FIG. 16 is completed.

Next, a public key transmission process executed in the printers 30, 32according to this embodiment will be explained based on FIG. 18 and FIG.19. FIG. 18 and FIG. 19 are flowcharts explaining the public keytransmission process executed in the printers 30, 32, and corresponds toFIG. 7 and FIG. 8 in the aforementioned first embodiment.

First, as shown in FIG. 18, this embodiment is different from theaforementioned first embodiment and second embodiment in that theprinter 30 receives the user ID, together with the public keyacquisition request, from the print client 20. Namely, aftertransmitting the authentication result indicating that theauthentication has been accepted in step S128, the printer 30 judgeswhether the user ID and the public key acquisition request have beenreceived (step S410). When either the user ID or the public keyacquisition request has not been received (step S410: No), the printer30 stands by while repeating the process in step S410.

On the other hand, when both the user ID and the public key acquisitionrequest have been received (step S410: Yes), the printer 30 executes theprocess from step S132 similarly to the aforementioned first embodiment.

Moreover, as shown in FIG. 19, this embodiment is different from theaforementioned first embodiment and second embodiment in a process whenthe printer 30 acquires a random number. Namely, after generating thepassphrase, the printer 30 judges whether a random number of the userwho requests the public key is registered with respect to the printclient 20 with the printer 30 (step S420).

FIG. 20 is a diagram showing an example of the structure of a randomnumber table TB40, in which random numbers are registered on auser-by-user basis, held in the printer 30 according to this embodiment.In this embodiment, in this random number table TB40, a table is formedfor each of print clients. This random number table TB40 is stored andheld on the hard disk 58.

As shown in FIG. 20, the ransom number table TB40 includes a user IDTD40 and a random number TD41 as data items. The user ID TD40 storesuser IDs as information to specify users. The random number TD41 storesrandom numbers in a one-to-one correspondence with the user IDs in theuser ID TD40.

In this embodiment, as described before in step S122, the print clientID and the password as identification information are transmitted fromthe print client 20 to the printer 30. Therefore, in step S300, thetable of the print client 20 in the random number table TB40 can bespecified based on the print client ID received from the print client20. Then, it can be judged whether a random number corresponding to theuser is registered in the table of the print client in question based onthe user ID received from the print client 20.

As can be seen from the above, in this embodiment, a case where one useruses plural print clients is assumed, and in this case, if differentprint clients are used even if their users are the same, differentrandom numbers, that is, different public keys and private keys areused.

As shown in FIG. 19, when, regarding the print client in question, therandom number of the user in question is not registered with the printer30 (step S420: No), the printer 30 generates one random number of theuser in question with respect to this print client and registers it inthe random number table TB40 (step S422). More specifically, the user IDand the generated random number are registered in the table of the printclient 20 of the random number table TB40.

On the other hand, when the random number is registered with the printer30 (step S420: Yes), the process in step S422 is bypassed.

Then, the printer 30 reads and acquires the random number of the userregistered with respect to the print client who requests thetransmission of the public key from the random number table TB40 (stepS424).

Thereafter, the printer 30 generates a public key and a private key withthe passphrase created in step S142 and the random number acquired instep 5424 by the public key cryptography (step S426). Then, similarly tothe aforementioned first embodiment and second embodiment, the printer30 transmits only the public key out of the generated public key andprivate key to the print client 20 (step S152). Incidentally, theprivate key is deleted without being saved.

Subsequently, the printer 30 ends the connection with the print client20 (step S154). Thus, the public key transmission process according tothis embodiment is completed.

Next, a print request process executed in the print clients 20, 22according to this embodiment will be explained based on FIG. 21. FIG. 21is a flowchart explaining the print request process executed in theprint clients 20, 22 according to this embodiment.

As shown in FIG. 21, the print request process according to thisembodiment is different from those according to the aforementioned firstembodiment and second embodiment in a process for generating printtransmitting data. Namely, after reading the public key of the user inquestion corresponding to the printer in question from the public keytable TB30 in step S162, the print client 20 encrypts the print data D05with this public key (step S430).

Then, the print client 20 adds its own print client ID and user ID tothe encrypted print data D05 to generate print transmitting data (stepS432). FIG. 22 is a diagram showing an example of a format of printtransmitting data D30 according to this embodiment. As shown in FIG. 22,the print transmitting data D30 according to this embodiment isstructured by adding the print client ID D15 which is not encrypted withthe public key read in step S162 and a user ID D25 which is notencrypted with the public key read in step S162 to the print data D05which is encrypted with the public key read in step S162.

The reason why the print client ID D15 and the user ID D25 are notencrypted with the public key read in step S162 is that since theprinter 30 holds different random numbers for respective print clientsand for respective users, a private key cannot be generated if theseprint client ID D15 and user ID D25 cannot be specified. Therefore, itis possible to encrypt these print client ID D15 and user ID D25 withoutusing the public key read in step S162 by a different cryptography.Incidentally, the print transmitting data D30 may contain data otherthan these print client ID D15, user ID D25, and print data D05.

Moreover, in this embodiment, the print client ID D15 and the user IDD25, together with the print data D05, are transmitted, but the printclient ID D15 and the user ID D25 may be transmitted separately from theprint data D05. In this case, the print client ID D15 and the user IDD25 may be transmitted before or after the print data D05 if relevanceto the print data D05 is maintained. Further, the print client ID D15and the user ID D25 may be transmitted separately or together.

The process after step S432 is the same as in the aforementioned firstembodiment and second embodiment.

Next, a print execution process executed in the printers 30, 32according to this embodiment will be explained based on FIG. 23. FIG. 23is a flowchart explaining the print execution process executed in theprinters 30, 32 according to this embodiment.

As shown in FIG. 23, the print execution process according to thisembodiment is different from those according to the aforementioned firstembodiment and second embodiment in a process for acquiring a randomnumber. Namely, after creating the passphrase in step S186, the printer30 extracts and acquires the print client ID D15 and the user ID D25from the received print transmitting data D30 (step S440).

Then, the printer 30 searches the random number table TB40 using theacquired print client ID and user ID as a search key, and reads andacquires a random number of the user registered with respect to theprint client in question from the random number table TB40 (step S442).Subsequently, the printer 30 generates a public key and a private keywith the passphrase generated in step S186 and the random numberacquired in step S442 by the public key cryptography (step S444).

The process after step S444 is the same as in the aforementioned firstembodiment and second embodiment.

As described above, the same effect as in the aforementioned firstembodiment and second embodiment can be obtained also by the printsystem according to this embodiment. Moreover, according to the printsystem of this embodiment, the printers 30, 32 each generate and hold arandom number for each of users, which can make it extremely difficultfor the third party to guess the random number.

Fourth Embodiment

In a print system according to the fourth embodiment of the presentinvention, a public key is generated with a passphrase containing atleast printer position information indicating a position where a printeris installed for each print job, and transmitted to a print client. Theprint client transmits print transmitting data generated by encryptingprint job data with this public key. The printer which has received thisprint transmitting data generates a private key again with a passphrasecontaining at least printer position information at this point in timeat the time of reception and executes a print operation only when theprint transmitting data has been decrypted with this private key.Generally, in the public key cryptography, a random number is used whena public key and a private key are generated, and in this embodiment, arandom number used when a public key to be transmitted to the printclient is generated is held and this same random number is used alsowhen a private key is generated to decrypt the print transmitting data,whereby the same private key is obtained if printer position informationunchanged. Further details will be given below.

It should be mentioned that the configuration of the print systemaccording to this embodiment is the same as that in FIG. 1 in theaforementioned first embodiment, the configurations of the printers 30,32 are the same as that in FIG. 2 described above, and theconfigurations of the print clients 20, 22 are the same as that in FIG.3 described above.

Next, a brief explanation of a process, for example, when the printclient 20 performs printing with the printer 30 in the print systemaccording to this embodiment will be given.

In this case, the print client 20 first acquires from the printer 30 apublic key of this printer 30. In this embodiment, a public key isacquired for each print job via the network 10. Namely, the printer 30confirms whether the print client 20 which requests the transmission ofa public key has rightful authority, and only when the print client hasrightful authority, the printer 30 transmits its own public key to theprint client 20. The printer 30 generates this public key with apassphrase at least containing printer position information indicating aposition where the printer 30 is installed and a random number generatedfor each print job by the printer 30 by the public key cryptography. Theprinter 30 holds the random number used when this public key isgenerated.

Note that at this time, a generated private key is deleted. Namely, inthe general public key cryptography, a public key and a private key aregenerated at the same time. Therefore, in this embodiment, even if aprivate key is generated concomitantly with the generation of a publickey, the private key is deleted. Consequently, the possibility of a leakof the private key generated by the printer 30 can be reduced to aminimum.

Then, as shown in FIG. 4, the user of the print client 20 generates theprint job data D05 containing data which becomes necessary to performprinting with the printer 30, designates the printer 30 for the printclient 20, and instructs a print operation. The print client 20 encryptsthe print job data D05 with the previously acquired public key of theprinter 30 to generate the print transmitting data D10. Incidentally,the print transmitting data D10 may contain data other than the printjob data D05 shown in FIG. 4.

The printer 30 which has received the print transmitting data D10temporarily stores the received print transmitting data D10 in the RAM42 as shown in FIG. 2. The printer 30 then decrypts the encrypted printtransmitting data D10 with a private key. Namely, the printer 30generates the private key using a passphrase containing at least printerposition information and a random number generated and held in theprinter 30 by the public key cryptography. Then, the printer 30 decryptsthe print transmitting data D10 with this private key.

Subsequently, the printer 30 judges whether the print transmitting dataD10 has been decrypted. The printer 30 executes a print operation basedon the print job data D05 acquired by decrypting the print transmittingdata D10 when the print transmitting data D10 has been decrypted, anddoes not execute the print operation when the print transmitting dataD10 has not been decrypted. Thereafter, the printer 30 deletes the heldrandom number.

Next, the contents of the aforementioned process will be explained indetail using flowcharts. First, a print request process which is aprocess when the print clients 20, 22 each make a print request to theprinters 30, 32 will be explained.

FIG. 24 and FIG. 25 are flowcharts explaining the print request processexecuted in the print clients 20, 22. This print request process isrealized by making the CPU 64 read and execute a print request programstored in the ROM 68 or the hard disk 76 of the print client. In thisembodiment, this print request process is started and executed when theuser inputs an instruction to execute a print operation to the printclients 20, 22.

Incidentally, hereinafter, assuming a case where the print client 20makes a print request to the printer 30, the process will be explained.

As shown in FIG. 24, in this print request process, the print client 20first transmits a connection request to the printer 30 via the network(step S1100). Then, a connection between the print client 20 and theprinter 30 is established (step S1102). In this embodiment, theconnection between the print client 20 and the printer 30 is establishedafter security is ensured by the SSL (Secure Socket Layer) communicationor the like.

Thereafter, the print client 20 transmits authentication information tothe printer 30 (step S1104). In this embodiment, a combination of aprint client ID to specify the print client and a password is used asthe authentication information. Accordingly, the print client 20transmits the print client ID and the password to the printer 30.

Subsequently, the print client 20 receives an authentication resultindicating whether authentication has been accepted from the printer 30,and judges whether the authentication has been accepted by the printer30 based on the authentication result (step S1106). When theauthentication has not been accepted (step S1106: No), the print client20 repeats the aforementioned process from step S1104.

On the other hand, when the authentication has been accepted (stepS1106: Yes), the print client 20 transmits a public key acquisitionrequest to the printer 30 (step S1108). Then, the print client 20 judgeswhether a public key has been received from the printer 30 (step S1110).When the public key has not been received from the printer 30 (stepS1110: No), the print client 20 stands by while repeating step S1110.

On the other hand, when the public key has been received from theprinter 30 (step S1110: Yes), the public key is stored (step S1112). Inthis embodiment, the print client 20 temporarily stores and holds thispublic key in the RAM 66 (See FIG. 3). By storing the public key in theRAM 66 as just described, the public key is automatically erased whenthe print client 20 is powered off, which can increase secrecy of thepublic key.

Then, the print client 20 releases the connection with the printer (stepS1114). Namely, the connection established between the print client 20and the printer 30 while the security is ensured by the SSLcommunication or the like is released. The release of the connection isnot always a necessary process, but the connection is released in thisembodiment since the print transmitting data D10 to be transmitted instep S1126 described later is separately encrypted with the public key,and hence the need for ensure the security of the connection itself issmall in the process thereafter.

Thereafter, as shown in FIG. 25, the print client 20 generates the printjob data D05 based on a print request from the user (step S1120). Thisprint job data D05 is an unencrypted data which becomes necessary forthe execution of a print operation by the printer 30.

Then, the print client 20 reads the public key stored in step S1112 fromthe RAM 66 (step S1122). Subsequently, the print client 20 encrypts theprint job data D05 with this public key to generate the printtransmitting data D10 (step S1124). Incidentally, the print transmittingdata D10 may contain data other than the print job data.

Thereafter, the print client 20 newly establishes a connection with theprinter 30 (step S1125). As described above, this connection may notnecessarily be a connection whose security is ensured.

Then, the print client 20 transmits the encrypted print transmittingdata D10 to the printer 30 (step S1126). More specifically, the printclient 20 designates the network address of the printer 30 and sends outthe print transmitting data D10 to the network 10.

Subsequently, the print client 20 judges whether print resultinformation has been received from the printer 30 (step S1128). When theprint result information has not been received (step S1128: No), theprint client 20 stands by while repeating the process in step S1128. Onthe other hand, when the print result information has been received(step S1128: Yes), the print client 20 judges whether the print resultinformation is a print completion notice (step S1130).

When this print result information is the print completion notice (stepS1130: Yes), it means that the printer 30 has properly completed theprint operation, and hence the print client 20 notifies the user thatthe printer 30 has completed the print operation (step S1132). On theother hand, when the received print result information is not the printcompletion notice (step S1130: No), whether the print result informationis an undecryptable notice is judged (step S1134).

When the print result information is the undecryptable notice (stepS1134: Yes), the print client 20 notifies the user that since the printtransmitting data D10 has not been decrypted by the printer 30, theprint operation has not been executed (step S1136). On the other hand,when the print result information is not the undecryptable notice (stepS1134: No), some other error is thought to occur, and hence the printclient 20 gives notice according to the type of the error to the user(step S1138).

After the notice in step 51132, step S1136, or step 51138, the printclient 20 deletes the public key stored in the RAM 66 in step S1112(step S1140). This process in step S1140 is not always a necessaryprocess, but in this embodiment, to improve the secrecy of the publickey, the acquired public key is deleted every time the process of oneprint job is completed.

Then, the print client 20 releases the connection with the printer 30(step S1142). Thus, the print request process in the print client 20 iscompleted.

Next, a print execution process executed in the printers 30, 32corresponding to the print request process in the print clients 20, 22will be explained based on FIG. 26 to FIG. 28. FIG. 26 to FIG. 28 areflowcharts explaining the print execution process executed in theprinters 30, 32. This print execution process is realized by making theCPU 40 read and execute a print execution program stored in the ROM 44or the hard disk 58 of the printer. This print execution process isregularly executed at predetermined time intervals.

Also here, similarly to the above, assuming the case where the printclient 20 makes the print request to the printer 30, the followingexplanation is given.

As shown in FIG. 26, the printer 30 first judges whether the connectionrequest has been received from the print client 20 via the network 10(step S1200). When the connection request has not been received from theprint client 20 (step S1200: No), the printer 30 stands by whilerepeating the process in step S1200. On the other hand, when theconnection request has been received from the print client 20 (stepS1200: Yes), as described above, after security has been ensured by theSSL communication or the like, the connection between the printer 30 andthe print client 20 is established (step S1202).

Then, the printer 30 judges whether the authentication information hasbeen received from the print client 20 (step S1204). When theauthentication information has not been received (step S1204: No), theprinter 30 stands by while repeating the process in step S1204.

On the other hand, when the authentication information has been receivedfrom the print client 20 (step S1204: Yes), the printer 30 judgeswhether this authentication information coincides with authenticationinformation which is previously registered with the printer 30 (stepS1206). More specifically, since the print client ID and the passwordare transmitted as the authentication information from the print client20 as described above, the printer 30 judges whether these print clientID and password coincide with a print client ID and a password which arepreviously registered on the hard disk 58 or the like of the printer 30.

When these two pieces of authentication information do not coincide(step S1206: No), the printer 30 transmits the authentication resultindicating that the authentication has not been accepted to the printclient 20 (step S1208) and returns to the process in step S1204. On theother hand, when these two pieces of authentication information coincide(step S1206: Yes), the printer 30 transmits the authentication resultindicating that the authentication has been accepted to the print client20 (step S1210).

Thereafter, the printer 30 judges whether the public key acquisitionrequest has been received from the print client 20 (step S1212). Whenthe public key acquisition request has not been received (step S1212:No), the printer 30 stands by while repeating the process in step S1212.

On the other hand, when the public key acquisition request has beenreceived from the print client 20 (step S1212: Yes), the printer 30acquires device-specific information on the printer 30 (step S1214).Here, the device-specific information is identification informationspecifically assigned to the printer 30, and it is, for example, amanufacturer's serial number, a MAC address, or the like of the printer30.

Then, as shown in FIG. 27, the printer 30 acquires printer positioninformation on the printer 30 at this point in time from the positiondetector 54 (step S1220). The reason why the printer positioninformation is acquired from the position detector 54 each time as justdescribed is in order that, when the printer 30 has been moved to adifferent place, a public key is generated with position informationafter the movement.

Subsequently, the printer 30 creates a passphrase with thedevice-specific information and the printer position information (stepS1222). There are various methods of creating the passphrase, and inthis embodiment, the passphrase is created by simply joining the printerposition information after the device-specific information.Incidentally, the passphrase may contain data other than thesedevice-specific information and printer position information.

Then, the printer 30 generates one random number and stores this randomnumber in the printer 30 (step S1224). In this embodiment, the generatedrandom number is stored in the RAM 42 (See FIG. 2). By storing therandom number in the RAM 42 as just described, the random number isautomatically erased when the printer 30 is powered off, which canincrease the secrecy of the public key and the private key.

Thereafter, the printer 30 generates a public key and a private key withthe passphrase created in step S1222 and the random number generated instep S1224 by the public key cryptography (step S1226). The public keycryptography has the property that the same public key and private keyare generated again if the same passphrase and random number are used.Then, the printer 30 transmits only the public key out of the generatedpublic key and private key to the print client 20 (step S1228).Incidentally, the private key is deleted without being saved.

Subsequently, the printer 30 releases the connection with the printclient 20 (step S1230). This process is a process corresponding to stepS1114 in the aforementioned print request process. Moreover, the processin step S1230 is not always a necessary process as described above.

Then, the printer 30 judges whether a connection request has beenreceived from the print client 20 via the network 10 (step s1232). Whenthe connection request has not been received from the print client 20(step S1232: No), the printer 30 stands by while repeating the processin step S1232. On the other hand, when the connection request has beenreceived from the print client 20 (step S1232: Yes), a connectionbetween the printer 30 and the print client 20 is established (stepS1232). In this connection, security may not necessarily be ensured.

Thereafter, the printer 30 judges whether the print transmitting dataD10 has been received from the network 10 (step S1236). When no printtransmitting data D10 has been received (step S1236: No), the printer 30stands by while repeating the process in step S1236. On the other hand,when the print transmitting data D10 has been received (step S1236:Yes), the printer 30 acquires its own device-specific information (stepS1238).

Subsequently, as shown in FIG. 28, the printer 30 acquires printerposition information on the printer 30 at this point in time from theposition detector 54 (step S1240). The reason why the printer positioninformation is acquired from the position detector 54 each time as justdescribed is in order that, when the printer 30 has been moved to adifferent place, a private key is generated with position informationafter the movement.

Then, the printer 30 creates a passphrase based on the device-specificinformation and the printer position information (step S1242). Themethod of creating the passphrase needs to be the same method as in stepS1222 described above. This is because, if the passphrases aredifferent, the print transmitting data D10 encrypted with the public keytransmitted to the print client cannot be decrypted with a private key.

Thereafter, the printer 30 reads and acquires the random number of theprinter 30 generated in step S1224 and held in the RAM 42 (step S1244).Then, the printer 30 generates a public key and a private key with thegenerated passphrase and the acquired random number by the public keycryptography (step S1246). The passphrase used in step S1246 is the sameas that used in step S1226 described above if the installation positionof the printer 30 has not been moved between these two steps. The randomnumber is also the same as that in step S1226 described above. Hence,the same public key and private key as generated in step 51226 aregenerated. Subsequently, the printer 30 decrypts the received printtransmitting data D10 with the generated private key (step S1248).

Then, the printer 30 judges whether the print transmitting data D10 hasbeen decrypted with the private key (step S1250). When the printtransmitting data D10 has been decrypted (step S1250: Yes), the printer30 executes a print operation by driving the print engine 52 based onthe acquired print job data D05 (step S1252). More specifically, theprinter 30 performs a language interpretation of the print job data D05and generates print request data fitting the print engine 52. Then, bytransmitting this print request data to the print engine 52, printsheets or the like are printed by the print engine 52.

As can be seen from the above, in this embodiment, the private key isgenerated with the passphrase containing at least the printer positioninformation detected by the position detector 54 and the random numberheld in the RAM 42, and when the print transmitting data D10 has beendecrypted with this private key, it is judged that the printtransmitting data D10 matches the printer position information.

At a point in time when the print operation has been properly completed,the printer 30 transmits the print completion notice that the printoperation has been properly completed as the print result information tothe print client 20 (step S1254).

Contrary to this, when it is judged in step S1250 that the printtransmitting data D10 has not been decrypted (step S1250: No), theprinter 30 transmits the undecryptable notice as the print resultinformation to the print client 20 (step S1256). Namely, in thisembodiment, when the private key is generated with the passphrasecontaining at least the printer position information detected by theposition detector 54 and the random number held in the RAM 42 but theprint transmitting data D10 has not been decrypted with this privatekey, it is judged that that the print transmitting data D10 does notmatch the printer position information.

After the process in step S1254 or step S1256, the printer 30 deletesthe random number held in the RAM 42 (step S1258). The process ofdeleting the random number from the RAM 42 is not always a necessaryprocess, but the security of the random number can be increased bydeleting the random number from the RAM 42 every time the process of oneprint job is completed.

Thereafter, the printer 30 releases the connection with the print client20 (step S1260). Then, the printer 30 returns to the aforementionedprocess in step S1200 in FIG. 26.

As described above, according to the print system of this embodiment,the printers 30, 32 each generate a public key and a private key with adifferent random number for each print job by the public keycryptography and transmit the public key to the print clients 20, 22,which can enhance the security of the public key and the private key.

Moreover, a random number used when the public key is transmitted to theprint client 20 is held and the private key is deleted, and hence thesecurity of the private key can be enhanced. Further, since the randomnumber is held, when the print transmitting data D10 encrypted with thepublic key is decrypted, the same private key can be generated againwith the held random number by the public key cryptography and the printtransmitting data D10 can be decrypted.

Furthermore, on the printers 30, 32 side, when the print transmittingdata D10 has not been decrypted with this private key, a print operationof the received print transmitting data D10 is not executed, which canavoid the execution of the print operation with the printers 30, 32 by athird party with dishonest intention.

Fifth Embodiment

In a print system according to the fifth embodiment of the presentinvention, a public key is generated with at least print positioninformation indicating a position where a printer is installed, a printclient acquires this public key, and when the print client transmitsprint data to the printer, the print data is transmitted in the form ofprint transmitting data containing encrypted print data which isgenerated by encrypting the print data with the acquired public key. Theprinter which has received the print transmitting data generates aprivate key again with at least printer position information at thispoint in time at the time of reception and executes a print operationonly when the encrypted print data contained in the print transmittingdata has been decrypted with this private key. Moreover, generally, inthe public key cryptography, a random number is used when a public keyand a private key are generated. In this embodiment, a random numberused when the public key is generated is transmitted to the print clientand held by the print client. When the print client transmits theencrypted print data to the printer, the random number is also containedin the print transmitting data and transmitted to the printer, and theprinter which has received the print transmitting data generates aprivate key again with the random number contained in the printtransmitting data. Thereby, the random number used when the public keyis generated and the random number used when the private key isgenerated to decrypt the encrypted print data become the same, wherebythe same private key is obtained if the printer position information isunchanged. Further details will be given below.

It should be mentioned that the configuration of the print systemaccording to this embodiment is the same as that in FIG. 1 in theaforementioned first embodiment, the configurations of the printers 30,32 are the same as that in FIG. 2 described above, and theconfigurations of the print clients 20, 22 are the same as that in FIG.3 described above.

Next, a brief explanation of a process, for example, when the printclient 20 performs printing with the printer 30 in the print systemaccording to this embodiment will be given.

In this case, the print client 20 previously acquires, for example, fromthe printer 30 a public key of this printer 30 and a random number usedwhen this public key is generated. In this embodiment, these public keyand random number are acquired via the network 10. Namely, the printer30 confirms whether the print client 20 which requests the transmissionof the public key and the random number has rightful authority, and onlywhen the print client has rightful authority, the printer 30 notifiesthe print client of its public key and a random number used when thispublic key is used. The printer 30 generates this public key, with apassphrase containing at least printer position information indicating aposition where the printer 30 is installed and the generated randomnumber by the public key cryptography. The print client 20 has afunction of holding the public key and the random number used when thispublic key is generated by the public key cryptography.

Incidentally, at this time, the printer 30 deletes a generated privatekey. Namely, in the general public key cryptography, a public key and aprivate key are generated at the same time. Therefore, in thisembodiment, even if a private key is generated concomitantly with thegeneration of a public key, the private key is deleted. Consequently,when the installation position of the printer 30 has been moved,encrypted print data which is generated by encryption with a public keygenerated before the movement cannot be decrypted by the printer 30after the movement.

However, the printer 30 need not necessarily notify the print client 20of the public key of the printer 30 and the used random number via thenetwork 10. For example, if a user of the print client 20 has rightfulauthority, he or she can go to the installation place of the printer 30and operate the printer 30, whereby it is also possible that the useroperates a control panel of the printer 30 and acquires the public keyof the printer 30 and the used random number. In this case, it is alsopossible that the user records the public key of the printer 30 and theused random number on a record medium such as a flexible disk and makesthe print client 20 read these public key and random number.

Then, as shown in FIG. 29, the user of the print client 20 generatesdata to be printed, designates the printer 30 for the print client 20,and instructs a print operation. The print client 20 generates the printdata D05 based on the data to be printed. Here, the print data D05 meansoriginal print data needed for a print operation executed by driving theprint engine 52 in the printer 30.

The print client 20 encrypts the print data D05 with the public keyacquired from the printer 30 to generate encrypted print data. Then, theprint client 20 adds the random number acquired also from the printer 30to the encrypted print data to generate the print transmitting data D10.Incidentally, the print transmitting data D10 may contain data otherthan the encrypted print data and the random number shown in FIG. 29.

The printer 30 which has received the print transmitting data D10temporarily stores the received print transmitting data D10 in the RAM42 as shown in FIG. 2. The printer 30 then decrypts the encrypted printdata contained in the print transmitting data D10 with a private key.Namely, the printer 30 generates the private key using a passphrasecontaining at least printer position information and the random numbercontained in the print transmitting data D10 by the public keycryptography.

Subsequently, the printer 30 judges whether the encrypted print data hasbeen decrypted. The printer 30 executes a print operation based on theprint data D05 acquired by decrypting the encrypted print data when theencrypted print data has been decrypted, and does not execute the printoperation when the encrypted print data has not been decrypted.

Next, the contents of the aforementioned process will be explained indetail using flowcharts. First, processes in the print clients 20, 22and the printers 30, 32 when the print clients 20, 22 each acquire apublic key and a random number will be explained.

FIG. 30 is a flowchart explaining a public key request process executedin the print clients 20, 22. This public key request process is realizedby making the CPU 64 read and execute a public key request programstored in the ROM 68 or the hard disk 76 of the print client. In thisembodiment, this public key request process is started and executed whenthe user inputs an instruction to start a process for making a requestfor a public key to the print client.

Incidentally, hereinafter, assuming a case where the print client 20makes a request for a public key to the printer 30, the process will beexplained.

As shown in FIG. 30, in the public key request process, the print client20 first connects with the printer 30 (step S2100). In this embodiment,the print client 20 establishes a connection between the print client 20and the printer 30 by designating the network address of the printer 30.Moreover, in this embodiment, the connection between the print client 20and the printer 30 is established after security is ensured by the SSL(Secure Socket Layer) communication or the like.

Thereafter, the print client 20 transmits authentication information tothe printer 30 (step S2102). In this embodiment, a combination of aprint client ID to specify the print client and a password is used asthe authentication information. Accordingly, the print client 20transmits the print client ID and the password to the printer 30.

Subsequently, the print client 20 receives an authentication resultindicating whether authentication has been accepted from the printer 30,and judges whether the authentication has been accepted by the printer30 based on the authentication result (step S2104). When theauthentication has not been accepted (step S2104: No), the print client20 repeats the aforementioned process from step S2102.

On the other hand, when the authentication has been accepted (stepS2104: Yes), the print client 20 transmits a public key acquisitionrequest to the printer 30 (step S2106). Then, the print client 20 judgeswhether a public key and a random number used when the public key isgenerated have been received from the printer 30 (step S2108). When thepublic key and the random number have not been received from the printer30 (step S2108: No), the print client 20 stands by while repeating stepS2108.

On the other hand, when the public key and the random number have beenreceived from the printer 30 (step S2108: Yes), these public key andrandom number are stored (step S2110). In this embodiment, the printclient 20 is provided with a public key table TB210 on the hard disk 76,and the acquired public key and random number are stored and held inthis public key table TB210.

FIG. 31 is a diagram showing an example of the structure of the publickey table TB210. As shown in FIG. 31, the public key table TB210includes the item TD10 which stores information to specify printers, theitem TD11 which stores acquired public keys in a one-to-onecorrespondence with the printers, and an item TD12 which stores acquiredrandom numbers in a one-to-one correspondence with the printers. As justdescribed, the public key table TB210 can hold public keys and randomnumbers concerning plural printers on a printer-by-printer basis.Moreover, by storing the public keys and the random numbers in thepublic key table TB210 on the hard disk 76 in this manner, even when theprint client 20 is powered off and then powered on again, the publickeys and random numbers acquired before the power-on can be read fromthe hard disk 76 and used as they are.

By storing the acquired public key and random number in the public keytable TB210, the public key request process shown in FIG. 30 iscompleted.

Next, a public key transmission process executed in the printers 30, 32corresponding to the public key request process in the print clients 20,22 will be explained based on FIG. 32 and FIG. 33. FIG. 32 and FIG. 33are flowcharts explaining the public key transmission process executedin the printers 30, 32. The public key transmission process is realizedby making the CPU 40 read and execute a public key transmission programstored in the ROM 44 or the hard disk 58 of the printer. Moreover, thispublic key transmission process is started corresponding to theaforementioned public key request process.

Also here, similarly to the above, assuming the case where the printclient 20 makes the request for the public key to the printer 30, thefollowing explanation is given.

As shown in FIG. 32, first, the printer 30 establishes a connection withthe print client 20 (step S2120). This corresponds to the aforementionedstep S2100 on the print client 20 side. Namely, the connection isestablished after security is ensured by the SSL communication or thelike. Subsequently, the printer 30 judges whether the authenticationinformation has been received from the print client 20 (step S2122).When the authentication information has not been received (step S2122:No), the printer 30 stands by while repeating the process in step S2122.

On the other hand, when the authentication information has been receivedfrom the print client 20 (step S2122: Yes), the printer 30 judgeswhether this authentication information coincides with authenticationinformation which is previously registered with the printer 30 (stepS2124). More specifically, since the print client ID and the passwordare transmitted as the authentication information from the print client20 as described above, the printer 30 judges whether these print clientID and password coincide with a print client ID and a password which arepreviously registered with the printer 30.

When these two pieces of authentication information do not coincide(step S2124: No), the printer 30 transmits the authentication resultindicating that the authentication has not been accepted to the printclient 20 (step S2126) and returns to the process in step S2122. On theother hand, when these two pieces of authentication information coincide(step S2124: Yes), the printer 30 transmits the authentication resultindicating that the authentication has been accepted to the print client20 (step S2128).

Thereafter, the printer 30 judges whether the public key acquisitionrequest has been received from the print client 20 (step S2130). Whenthe public key acquisition request has not been received (step S2130:No), the printer 30 stands by while repeating the process in step S2130.

On the other hand, when the public key acquisition request has beenreceived from the print client 20 (step S2130: Yes), the printer 30acquires device-specific information on the printer 30 (step S2132).Here, the device-specific information is identification informationspecifically assigned to the printer 30, and it is, for example, amanufacturer's serial number, a MAC address, or the like of the printer30.

Then, as shown in FIG. 33, the printer 30 acquires printer positioninformation on the printer 30 at this point in time from the positiondetector 54 (step S2140). The reason why the printer positioninformation is acquired from the position detector 54 each time as justdescribed is in order that, when the printer 30 has been moved to adifferent place, a public key is generated with position informationafter the movement.

Subsequently, the printer 30 creates a passphrase with thedevice-specific information and the printer position information (stepS2142). There are various methods of creating the passphrase, and inthis embodiment, the passphrase is created by simply joining the printerposition information after the device-specific information.Incidentally, the passphrase may contain data other than thesedevice-specific information and printer position information.

Thereafter, the printer 30 generates a random number (step S2144).Subsequently, the printer 30 generates a public key and a private keywith the passphrase created in step S2142 and the random numbergenerated in step S2144 by the public key cryptography (step S2146). Thepublic key cryptography has the property that the same public key andprivate key are generated again if the same passphrase and random numberare used. Then, the printer 30 transmits only the public key out of thegenerated public key and private key and the random number used whenthese public key and private key are generated to the print client 20(step S2148). Incidentally, the private key is deleted without beingsaved. Thus, the public key transmission process according to thisembodiment is completed.

Next, processes in the print clients 20, 22 and the printers 30, 32 whenthe print clients 20, 22 want to perform printing and transmit a printrequest to the printers 30, 32 will be explained in detail.

FIG. 34 is a flowchart explaining a print request process executed inthe print clients 20, 22. This print request process is realized bymaking the CPU 64 read and execute a print request program stored in theROM 68 or the hard disk 76 of the print client. In this embodiment, thisprint request process is started and executed when the user inputs aprint instruction to the print client.

Here, assuming a case where the print client 20 makes a print request tothe printer 30, the following explanation is given.

As shown in FIG. 34, the print client 20 generates the print data D05based on a print request from the user (step S2160). This print data D05is data necessary for an actual print operation when the printer 30 isan ordinary printer.

Then, the print client 20 reads the public key of the printer 30 and therandom number used when this public key is generated from the public keytable TB210 on the hard disk 76 (step S2162). Subsequently, the printclient 20 encrypts the print data D05 with the public key of the printer30 to generate encrypted print data (step S2164).

Thereafter, the print client 20 adds the random number read in stepS2162 to the generated encrypted print data to generate the printtransmitting data D10 (step S2165). Incidentally, the print transmittingdata D10 may contain data other than these print data and random number.

Then, the print client 20 transmits the generated print transmittingdata D10 to the printer 30 (step S2166). More specifically, the printclient 20 designates the network address of the printer 30 and sends outthe print transmitting data D10 to the network 10.

Subsequently, the print client 20 judges whether print resultinformation has been received from the printer 30 (step S2168). When theprint result information has not been received (step S2168: No), theprint client 20 stands by while repeating the process in step S2168. Onthe other hand, when the print result information has been received(step S2168: Yes), the print client 20 judges whether the print resultinformation is a print completion notice (step S2170).

When this print result information is the print completion notice (stepS2170: Yes), it means that the printer 30 has properly completed theprint operation, and hence the print client 20 notifies the user thatthe printer 30 has completed the print operation (step S2172). On theother hand, when the received print result information is not the printcompletion notice (step S2170: No), whether the print result informationis an undecryptable notice is judged (step S2174).

When the print result information is the undecryptable notice (stepS2174: Yes), the print client 20 notifies the user that since the printtransmitting data D10 has not been decrypted by the printer 30, theprint operation has not been executed (step S2176). On the other hand,when the print result information is not the undecryptable notice (stepS2174: No), some other error is thought to occur, and hence the printclient 20 gives notice according to the type of the error to the user(step S2178).

By the notice in step S2172, step S2176, or step S2178, the printrequest process in the print client 20 is completed.

Next, a print execution process executed in the printers 30, 32corresponding to the print request process in the print clients 20, 22will be explained based on FIG. 35. FIG. 35 is a flowchart explainingthe print execution process executed in the printers 30, 32. This printexecution process is realized by making the CPU 40 read and execute aprint execution program stored in the ROM 44 or the hard disk 58 of eachof the printers 30, 32. In this embodiment, this print execution processis regularly executed at predetermined time intervals.

Also here, similarly to the above, assuming the case where the printclient 20 makes the print request to the printer 30, the followingexplanation is given.

As shown in FIG. 35, the printer 30 judges whether the printtransmitting data D10 has been received from the network 10 (stepS2180). When no print transmitting data D10 has been received (stepS2180: No), the printer 30 stands by while repeating the process in stepS2180.

On the other hand, when the print transmitting data D10 has beenreceived (step S2180: Yes), the printer 30 acquires its owndevice-specific information (step S2182). Subsequently, the printer 30acquires printer position information on the printer 30 at this point intime from the position detector 54 (step S2184). The reason why theprinter position information is acquired from the position detector 54each time as just described is that, when the printer 30 has been movedto a different place, there is a possibility that the printer 30 isinstalled in a place where the user does not intend to perform printing,and in order that in such a case, the print operation is not executed bythe printer 30.

Then, the printer 30 creates a passphrase based on the device-specificinformation and the printer position information (step S2186). Themethod of creating the passphrase needs to be the same method as in step52142 in the aforementioned public key transmission process. This isbecause, if the passphrases are different, the encrypted print dataencrypted with the public key transmitted to the print client cannot bedecrypted with a private key.

Thereafter, the printer 30 acquires the random number contained in theprint transmitting data D10 (step S2188). Then, the printer 30 generatesa public key and a private key with the generated passphrase and theacquired random number by the public key cryptography (step S2190). Thepassphrase used in step S2190 is the same as that used in step S2146 inthe aforementioned public key transmission process if the installationposition of the printer 30 has not been moved. The random number used instep S2190 should be also the same as that used in step S2146. Hence,the same public key and private key as generated in step S2146 aregenerated. Subsequently, the printer 30 decrypts the encrypted printdata contained in the print transmitting data D10 with the generatedprivate key and acquires the print data D05 (step S2192).

Then, the printer 30 judges whether the encrypted print data has beendecrypted with the private key (step S2194). When the encrypted printdata has been decrypted (step S2194: Yes), the printer 30 executes aprint operation by driving the print engine 52 based on the acquiredprint data D05 (step S2196). More specifically, the printer 30 performsa language interpretation of the print data D05 and generates printrequest data fitting the print engine 52. Then, by transmitting thisprint request data to the print engine 52, print sheets or the like areprinted by the print engine 52.

As can be seen from the above, in this embodiment, the private key isgenerated with the passphrase containing at least the printer positioninformation detected by the position detector 54 and the random numbertransmitted along with the encrypted print data, and when the encryptedprint data has been decrypted with this private key, it is judged thatthe encrypted print data matches the printer position information.

At a point in time when the print operation has been properly completed,the printer 30 transmits the print completion notice that the printoperation has been properly completed as the print result information tothe print client 20 (step S2198). Then, the printer 30 returns to theaforementioned process in step S2180.

Contrary to this, when it is judged in step S2194 that the encryptedprint data has not been decrypted (step S2194: No), the printer 30transmits the undecryptable notice as the print result information tothe print client 20 (step S2200). Namely, in this embodiment, when theprivate key is generated with the passphrase containing at least theprinter position information detected by the position detector 54 andthe random number transmitted along with the encrypted print data butthe encrypted print data has not been decrypted with this private key,it is judged that the encrypted print data does not match the printerposition information. Then, the printer 30 returns to the aforementionedprocess in step S2180.

As described above, according to the print system of this embodiment,the print clients 20, 22 can limit a printer able to print the encryptedprint data, which is transmitted after encryption, based on printerposition information, so that the execution of a print operation by aprinter installed in a position where the users of the print clients 20,22 do not intend to perform printing can be avoided. For example, evenif the print transmitting data D10 containing the encrypted print datais transmitted by mistake to the printer 30 from the print client 20when the printer 30 has been moved to a different place but the networkaddress of the printer 30 in the network 10 remains unchanged, theprinter position information is changed in the printer 30, whereby thepassphrase created in step S2186 becomes different from that before themovement. Hence, the encrypted print data contained in the printtransmitting data D10 cannot be decrypted with a private key generatedwith this passphrase, and thereby the print operation cannot be executedby the printer 30. Consequently, the security of the print data D05 canbe enhanced.

On the other hand, also on the printers 30, 32 side, the transmission ofprint data to the printers 30, 32 by somebody who is not duly authorizedto perform printing with the printers 30, 32 and the execution of alarge print operation by the printers 30, 32 can be avoided. Forexample, even if a third party can know the network address of theprinter 30 for some reason and tries to transmit the print data to theprinter 30, the third party cannot acquire the public key of the printer30. Even if this user encrypts the print data D05 with a differentpublic key and generates the print transmitting data D10 containing theencrypted print data or generates the print transmitting data D10containing the unencrypted print data and transmits the printtransmitting data D10 to the printer 30, it is judged in step S2194 ofthe print execution process that the print data has not been decrypted,and hence it becomes impossible to make the printer 30 execute the printoperation. Consequently, the security of the printer 30 itself can beenhanced.

Moreover, in this embodiment, the passphrase contains thedevice-specific information, and hence even if the third party can knowthe position of the printer 30 for some reason, the passphrase used inthe printer 30 cannot be specified unless the device-specificinformation on the printer 30 is known. This makes it extremelydifficult for the third party to disguise itself as the printer toreceive the print transmitting data D10 and decrypt the encrypted printdata contained in this print transmitting data D10.

Further, the random number is generated for each of the print clients20, 22, and each of the print clients 20, 22 holds this random numbertogether with the public key in a rewritable nonvolatile memory devicesuch as a hard disk. The print clients 20, 22 each transmit this randomnumber along with the encrypted print data obtained by encrypting theprint data, whereby the printers 30, 32 can use the same random numberas used when the public key is generated when generating the privatekey. Therefore, the private key capable of decrypting the encryptedprint data which is encrypted with the public key generated using thisrandom number can be generated again.

Sixth Embodiment

In the sixth embodiment of the present invention, the print clients 20,22 each hold a public key and a random number used when this public keyis generated for each of printers and each of users. This makes it moredifficult for a third party to guess the random number. Further detailswill be given below.

It should be mentioned that the configuration of a print systemaccording to this embodiment is the same as that in FIG. 1 in theaforementioned first embodiment, the configurations of the printers 30,32 are the same as that in FIG. 2 described above, and theconfigurations of the print clients 20, 22 are the same as that in FIG.3 described above. Moreover, a public key transmission process and aprint execution process executed in the printers 30, 32 according tothis embodiment are the same as those in the aforementioned fifthembodiment.

FIG. 36 is a flowchart explaining a part of a public key request processexecuted in the print clients 20, 22 according to this embodiment andcorresponds to FIG. 30 in the aforementioned fifth embodiment.

As shown in FIG. 36, the public key request process according to thisembodiment is the same as that according to the aforementioned fifthembodiment until the process of receiving the public key and the randomnumber shown in step S2108, but different therefrom in the process inthe next step S2300. Namely, when the public key and the random numberhave been received (step S2108: Yes), the print client 20 according tothis embodiment stores these public key and random number in a publickey table TB220 on a printer-by-printer basis and on a user-by-userbasis.

FIG. 37 is a diagram showing an example of the structure of the publickey table TB220 according to this embodiment. As shown in FIG. 37, thepublic key table TB220 in this embodiment includes an item TD20 whichstores user IDs as an data item in addition to the public key tableTB210 in the aforementioned fifth embodiment. Namely, in thisembodiment, the print client 20 stores a public key and a random numberfor each user ID. Moreover, in the public key table TB220 in thisembodiment, a table is formed for each of the printers. Therefore, evenin the case of the same user ID, different public keys and randomnumbers can be held if printers are different.

By storing these public key and random number in the public key tableTB220, the public key request process according to this embodiment iscompleted.

Next, a print request process executed in the print clients 20, 22according to this embodiment will be explained based on FIG. 38. FIG. 38is a flowchart explaining the print request process executed in theprint clients 20, 22 according to this embodiment.

As shown in FIG. 38, the print request process according to thisembodiment is different from that according to the aforementioned fifthembodiment in the process of reading a public key and a random number.Namely, after generating the print data D05 in step S2160, the printclient 20 acquires an user ID (step S2310). In other words, the printclient 20 acquires a user ID of a user who gives the printer 30 a printinstruction. The user may be requested to input this user ID wheninputting the print instruction to the print client 20 or the user maybe requested to input this user ID as authentication when using theprint client 20.

Then, the print client 20 reads a public key and a random number storedwith respect to this user ID in a table of a printer to which a printrequest is made from the public key table TB220 in FIG. 37 (step S2312).More specifically, in the public key table TB220 in this embodiment,tables are formed for respective printers, whereby the public key andthe random number registered with respect to this user ID are read fromthe table of the printer which prints the print data D05 generated instep S2160. The process thereafter is the same as in the aforementionedfifth embodiment.

As described above, the same effect as in the aforementioned fifthembodiment can be obtained also by the print system according to thisembodiment. Moreover, according to the print system of this embodiment,the print clients 20, 22 each hold a public key and a random number foreach of printers and each of users, which can make it extremelydifficult for the third party to guess the random number.

Seventh Embodiment

In a print system according to the seventh embodiment of the presentinvention, a random number is generated for each print job, a public keyis generated with the generated random number and a passphrasecontaining at least printer position information indicating a positionwhere a printer is installed, and these public key and random number aretransmitted from the printer to a print client. The print clientencrypts print job data with this public key to generate encrypted printjob data, and adds the random number transmitted from the printer to theencrypted print job data to generate print transmitting data. The printclient then transmits this print transmitting data to the printer. Theprinter which has received this print transmitting data generates aprivate key again with a passphrase containing at least printer positioninformation at this point in time and the random number contained in theprint transmitting data at the time of reception, and executes a printoperation only when the encrypted print job data has been decrypted withthis private key. Further details will be given below.

It should be mentioned that the configuration of the print systemaccording to this embodiment is the same as that in FIG. 1 in theaforementioned first embodiment, the configurations of the printers 30,32 are the same as that in FIG. 2 described above, and theconfigurations of the print clients 20, 22 are the same as that in FIG.3 described above.

Next, a brief explanation of a process, for example, when the printclient 20 performs printing with the printer 30 in the print systemaccording to this embodiment will be given.

In this case, the print client 20 first acquires a public key and arandom number used when this public key is generated from the printer30. In this embodiment, a public key and a random number are acquiredfor each print job via the network 10. Namely, the printer 30 confirmswhether the print client 20 which requests the transmission of a publickey has rightful authority, and only when the print client has rightfulauthority, the printer 30 transmits a newly generated public key and arandom number used when this public key is generated to the print client20. The printer 30 generates the public key with a passphrase at leastcontaining printer position information indicating a position where theprinter 30 is installed and a random number generated for each print jobby the printer 30 by the public key cryptography. The printer 30 deletesthe random number used when the public key is generated since the randomnumber need not be held.

Moreover, at this time, a generated private key is also deleted. Namely,in the general public key cryptography, a public key and a private keyare generated at the same time. Therefore, in this embodiment, even if aprivate key is generated concomitantly with the generation of a publickey, the private key is deleted. Consequently, the possibility of a leakof the private key generated by the printer 30 can be reduced to aminimum.

Then, as shown in FIG. 29, the user of the print client 20 generatesdata to be printed, designates the printer 30 for the print client 20,and instructs a print operation. The print client 20 generates the printjob data D05 based on the data to be printed. Here, the print job dataD05 means original print data needed for a print operation executed bydriving the print engine 52 in the printer 30.

The print client 20 encrypts the print job data D05 with the previouslyacquired public key of the printer 30 to generate encrypted print jobdata. Then, the print client 20 adds the random number also acquiredfrom the printer 30 to the encrypted print job data to generate theprint transmitting data D10. Incidentally, the print transmitting dataD10 may contain data other than the encrypted print data and the randomnumber shown in FIG. 29.

The printer 30 which has received the print transmitting data D10temporarily stores the received print transmitting data D10 in the RAM42 as shown in FIG. 2. The printer 30 then decrypts the encrypted printjob data contained in the print transmitting data D10 with a privatekey. Namely, the printer 30 generates the private key using a passphrasecontaining at least printer position information and the random numbercontained in the print transmitting data D10 by the public keycryptography. Then, the printer 30 decrypts the encrypted print job datacontained in the print transmitting data D10 with this private key.

Subsequently, the printer 30 judges whether the encrypted print job datahas been decrypted. The printer 30 executes a print operation based onthe print job data D05 acquired by decrypting the encrypted print jobdata when the encrypted print job data has been decrypted, and does notexecute the print operation when the encrypted print job data has notbeen decrypted.

Next, the contents of the aforementioned process will be explained indetail using flowcharts. First, a print request process which is aprocess when the print clients 20, 22 each make a print request to theprinters 30, 32 will be explained.

FIG. 39 and FIG. 40 are flowcharts explaining the print request processexecuted in the print clients 20, 22. This print request process isrealized by making the CPU 64 read and execute a print request programstored in the ROM 68 or the hard disk 76 of the print client. In thisembodiment, this print request process is started and executed when theuser inputs an instruction to execute a print operation to the printclients 20, 22.

Incidentally, hereinafter, assuming a case where the print client 20makes a print request to the printer 30, the process will be explained.

As shown in FIG. 39, in this print request process, the print client 20first transmits a connection request to the printer 30 via the network(step S3100). Then, a connection between the print client 20 and theprinter 30 is established (step S3102). In this embodiment, theconnection between the print client 20 and the printer 30 is establishedafter security is ensured by the SSL (Secure Socket Layer) communicationor the like.

Thereafter, the print client 20 transmits authentication information tothe printer 30 (step S3104). In this embodiment, a combination of aprint client ID to specify the print client and a password is used asthe authentication information. Accordingly, the print client 20transmits the print client ID and the password to the printer 30.

Subsequently, the print client 20 receives an authentication resultindicating whether authentication has been accepted from the printer 30,and judges whether the authentication has been accepted by the printer30 based on the authentication result (step S3106). When theauthentication has not been accepted (step S3106: No), the print client20 repeats the aforementioned process from step S3104.

On the other hand, when the authentication has been accepted (stepS3106: Yes), the print client 20 transmits a public key acquisitionrequest to the printer 30 (step S3108). Then, the print client 20 judgeswhether a public key and a random number used when this public key isgenerated have been received from the printer 30 (step S3110). When thepublic key and the random number have not been received from the printer30 (step S3110: No), the print client 20 stands by while repeating stepS3110.

On the other hand, when the public key and the random number have beenreceived from the printer 30 (step S3110: Yes), these public key andrandom number are stored (step S3112). In this embodiment, the printclient 20 temporarily stores and holds these public key and randomnumber in the RAM 66 (See FIG. 3). By storing the public key and therandom number in the RAM 66 as just described, the public key and therandom number are automatically erased when the print client 20 ispowered off, which can increase the secrecy of the public key and therandom number.

Then, the print client 20 releases the connection with the printer (stepS3114). Namely, the connection established between the print client 20and the printer 30 while the security is ensured by the SSLcommunication or the like is released. The release of the connection isnot always a necessary process, but the connection is released in thisembodiment, since the print job data D05 to be transmitted in step S3126described later is separately encrypted with the public key, and hencethe need for ensure the security of the connection itself is small inthe process thereafter.

Thereafter, as shown in FIG. 40, the print client 20 generates the printjob data D05 based on a print request from the user (step S3120). Thisprint job data D05 is an unencrypted data which becomes necessary forthe execution of a print operation by the printer 30.

Then, the print client 20 reads the public key and the random numberstored in step S3112 from the RAM 66 (step S3122). Subsequently, theprint client 20 encrypts the print job data D05 with this public key togenerate encrypted print job data (step S3124).

Thereafter, the print client 20 adds the random number read in stepS3122 to the encrypted print job data generated in step S3124 togenerate the print transmitting data D10 (step S3125). Incidentally, theprint transmitting data D10 may contain data other than these encryptedprint job data and random number.

Then, the print client 20 transmits the print transmitting data D10 tothe printer 30 (step S3126). More specifically, the print client 20designates the network address of the printer 30 and sends out the printtransmitting data D10 to the network 10.

Subsequently, the print client 20 judges whether print resultinformation has been received from the printer 30 (step S3128). When theprint result information has not been received (step S3128: No), theprint client 20 stands by while repeating the process in step S3128. Onthe other hand, when the print result information has been received(step S3128: Yes), the print client 20 judges whether the print resultinformation is a print completion notice (step S3130).

When this print result information is the print completion notice (stepS3130: Yes), it means that the printer 30 has properly completed theprint operation, and hence the print client 20 notifies the user thatthe printer 30 has completed the print operation (step S3132). On theother hand, when the received print result information is not the printcompletion notice (step S3130: No), whether the print result informationis an undecryptable notice is judged (step S3134).

When the print result information is the undecryptable notice (stepS3134: Yes), the print client 20 notifies the user that since the printtransmitting data D10 has not been decrypted by the printer 30, theprint operation has not been executed (step S3136). On the other hand,when the print result information is not the undecryptable notice (stepS3134: No), some other error is thought to occur, and hence the printclient 20 gives notice according to the type of the error to the user(step S3138).

After the notice in step S3132, step S3136, or step S3138, the printclient 20 deletes the public key and the random number stored in the RAM66 in step S3112 (step S3140). This process in step S3140 is not alwaysa necessary process, but in this embodiment, to improve the secrecy ofthe public key and the random number, the acquired public key and randomnumber are deleted every time the process of one print job is completed.Thus, the print request process in the print client 20 is completed.

Next, a print execution process executed in the printers 30, 32corresponding to the print request process in the print clients 20, 22will be explained based on FIG. 41 to FIG. 43. FIG. 41 to FIG. 43 areflowcharts explaining the print execution process executed in theprinters 30, 32. This print execution process is realized by making theCPU 40 read and execute a print execution program stored in the ROM 44or the hard disk 58 of the printer. This print execution process isregularly executed at predetermined time intervals.

Also here, similarly to the above, assuming the case where the printclient 20 makes the print request to the printer 30, the followingexplanation is given.

As shown in FIG. 41, the printer 30 first judges whether the connectionrequest has been received from the print client 20 via the network 10(step S3200). When the connection request has not been received from theprint client 20 (step S3200: No), the printer 30 stands by whilerepeating the process in step S3200. Then, as described above, aftersecurity has been ensured by the SSL communication or the like, aconnection between the printer 30 and the print client 20 is established(step S3202).

Then, the printer 30 judges whether the authentication information hasbeen received from the print client 20 (step S3204). When theauthentication information has not been received (step S3204: No), theprinter 30 stands by while repeating the process in step S3204.

On the other hand, when the authentication information has been receivedfrom the print client 20 (step S3204: Yes), the printer 30 judgeswhether this authentication information coincides with authenticationinformation which is previously registered with the printer 30 (stepS3206). More specifically, since the print client ID and the passwordare transmitted as the authentication information from the print client20 as described above, the printer 30 judges whether these print clientID and password coincide with a print client ID and a password which arepreviously registered on the hard disk 58 or the like of the printer 30.

When these two pieces of authentication information do not coincide(step S3206: No), the printer 30 transmits the authentication resultindicating that the authentication has not been accepted to the printclient 20 (step S3208) and returns to the process in step S3204. On theother hand, when these two pieces of authentication information coincide(step S3206: Yes), the printer 30 transmits the authentication resultindicating that the authentication has been accepted to the print client20 (step S3210).

Thereafter, the printer 30 judges whether the public key acquisitionrequest has been received from the print client 20 (step S3212). Whenthe public key acquisition request has not been received (step S3212:No), the printer 30 stands by while repeating the process in step S3212.

On the other hand, when the public key acquisition request has beenreceived from the print client 20 (step S3212: Yes), the printer 30acquires device-specific information on the printer 30 (step S3214).Here, the device-specific information is identification informationspecifically assigned to the printer 30, and it is, for example, amanufacturer's serial number, a MAC address, or the like of the printer30.

Then, as shown in FIG. 42, the printer 30 acquires printer positioninformation on the printer 30 at this point in time from the positiondetector 54 (step S3220). The reason why the printer positioninformation is acquired from the position detector 54 each time as justdescribed is in order that, when the printer 30 has been moved to adifferent place, a public key is generated with position informationafter the movement.

Subsequently, the printer 30 creates a passphrase with thedevice-specific information and the printer position information (stepS3222). There are various methods of creating the passphrase, and inthis embodiment, the passphrase is created by simply joining the printerposition information after the device-specific information.Incidentally, the passphrase may contain data other than thesedevice-specific information and printer position information.

Then, the printer 30 generates one random number (step S3224).Thereafter, the printer 30 generates a public key and a private key withthe passphrase created in step S3222 and the random number generated instep S3224 by the public key cryptography (step S3226). The public keycryptography has the property that the same public key and private keyare generated again if the same passphrase and random number are used.Then, the printer 30 transmits the public key and the random number usedwhen this public key is generated to the print client 20 (step 53228).Incidentally, the private key and the random number are deleted withoutbeing saved after the public key and the random number are transmittedto the print client 20.

Subsequently, the printer 30 releases the connection with the printclient 20 (step S3230). This process is a process corresponding to stepS3114 in the aforementioned print request process. Moreover, the processin step S3230 is not always a necessary process as described above.

Then, the printer 30 judges whether the print transmitting data D10 hasbeen received from the network 10 (step S3232). When no printtransmitting data D10 has been received (step S3232: No), the printer 30stands by while repeating the process in step S3232. On the other hand,when the print transmitting data D10 has been received (step S3232:Yes), the printer 30 acquires its own device-specific information (stepS3234).

Subsequently, as shown in FIG. 43, the printer 30 acquires printerposition information on the printer 30 at this point in time from theposition detector 54 (step S3240). The reason why the printer positioninformation is acquired from the position detector 54 each time as justdescribed is in order that, when the printer 30 has been moved to adifferent place, a private key is generated with position informationafter the movement.

Then, the printer 30 creates a passphrase based on the device-specificinformation and the printer position information (step S3242). Themethod of creating the passphrase needs to be the same method as in stepS3222 described above. This is because, if the passphrases aredifferent, the print transmitting data D10 encrypted with the public keytransmitted to the print client cannot be decrypted with a private key.

Thereafter, the printer 30 acquires the random number contained in thereceived print transmitting data D10 (step S3244). Then, the printer 30generates a public key and a private key with the generated passphraseand the acquired random number by the public key cryptography (stepS3246). The passphrase used in step S3246 is the same as that used instep S3226 described above if the installation position of the printer30 has not been moved between these two steps. The random number alsoought to be the same as that in step S3226 described above if the printtransmitting data D10 is transmitted by the duly authorized print client20. Hence, the same public key and private key as generated in stepS3226 are generated in step S3246. Subsequently, the printer 30 decryptsthe encrypted print job data contained in the received printtransmitting data D10 with the generated private key (step S3248).

Then, the printer 30 judges whether the encrypted print job data hasbeen decrypted with the private key (step S3250). When the encryptedprint job data has been decrypted (step S3250: Yes), the printer 30executes a print operation by driving the print engine 52 based on theprint job data D05 obtained by decrypting the encrypted print job data(step S3252). More specifically, the printer 30 performs a languageinterpretation of the print job data D05 and generates print requestdata fitting the print engine 52. Then, by transmitting this printrequest data to the print engine 52, print sheets or the like areprinted by the print engine 52.

As can be seen from the above, in this embodiment, the private key isgenerated with the passphrase containing at least the printer positioninformation detected by the position detector 54 and the random numbercontained in the print transmitting data D10, and when the encryptedprint job data has been decrypted with this private key, it is judgedthat the encrypted print job data matches the printer positioninformation.

At a point in time when the print operation has been properly completed,the printer 30 transmits the print completion notice that the printoperation has been properly completed as the print result information tothe print client 20 (step S3254).

Contrary to this, when it is judged in step S3250 that the encryptedprint job data has not been decrypted (step S3250: No), the printer 30transmits the undecryptable notice as the print result information tothe print client 20 (step S3256). Namely, in this embodiment, when theprivate key is generated with the passphrase containing at least theprinter position information detected by the position detector 54 andthe random number contained in the print transmitting data D10 but theencrypted print job data has not been decrypted with this private key,it is judged that that the encrypted print job data does not match theprinter position information.

After the process in step S3254 or step S3256, the printer 30 returns tothe aforementioned process in step S3200 in FIG. 41.

As described above, according to the print system of this embodiment,the printers 30, 32 each generate a public key and a private key with adifferent random number for each print job by the public keycryptography and transmit the public key and the random number to theprint clients 20, 22, which can enhance the security of the public key,the private key, and the random number.

Moreover, the public key and the random number used when this public keyis generated are transmitted to the print client 20, and on the printer30 side, the private key and the random number are deleted, which canensure the security of the private key. Further, the print clients 20,22 temporarily hold the random number and return this random numbertogether with encrypted print job data to the printers 30, 32. Hence,when the encrypted print job data encrypted with the public key isdecrypted by the printers 30, 32, the same private key can be generatedagain with the random number transmitted together with the encryptedprint job data by the public key cryptography, and the encrypted printjob data can be decrypted.

Furthermore, on the printers 30, 32 side, when the encrypted print jobdata cannot be decrypted with this private key, a print operation of thereceived encrypted print job data is not executed, which can avoid theexecution of the print operation with the printers 30, 32 by a thirdparty with dishonest intention.

It should be mentioned that the present invention is not limited to theaforementioned embodiments, and various changes may be made therein. Forexample, in the aforementioned embodiments, the case where “a givennumber” used when a public key and a private key are generated is arandom number is explained as an example, but the given number is notlimited to the random number. For example, natural numbers in ascendingorder may be used as given numbers in such a manner that the givennumber is “1” in the first generation of a public key and a private keyin the printer, the given number is “2” in the second generation of apublic key and a private key, and that the given number is “3” in thethird generation of a public key and a private key.

Alternatively, even numbers in ascending order or odd numbers inascending order may be used as the given numbers. In other words, thegiven number may be generated using a predetermined algorithm.

Moreover, as shown in FIG. 44 to FIG. 46, instead of a given number, analgorithm used when the given number is derived (for example, an evennumber in ascending order) and additional information necessary forderiving the given number using the algorithm (for example, a firsttime) may be transmitted from the printers 30, 32 to the print clients20, 22.

In this case, as shown in FIG. 44, when making a print request, theprint clients 20, 22 may transmit the given number itself to theprinters 30, 32. In this case, the print clients 20, 22 may holdinformation which specifies the algorithm and the necessary informationreceived from the printers 30, 32 or may generate the given number andhold the given number.

Further, as shown in FIG. 45, when making the print request, the printclients 20, 22 may transmit the algorithm and the additional informationto the printers 30, 32. In this case, the print clients 20, 22 hold theinformation which specifies the algorithm and the necessary information.

Furthermore, as shown in FIG. 46, when making the print request, theprint clients 20, 22 may transmit only the additional information to theprinters 30, 32 without transmitting the algorithm. This is because thealgorithm used when the public key and the private key are generated isfixedly determined in the printers 30, 32 in some cases.

The present invention is explained with the print client as an exampleof a data transmitting device which transmits data whose security is tobe ensured and the printer as an example of a data receiving devicewhich receives the data in the aforementioned embodiments, but acombination of the data transmitting device and the data receivingdevice in a data transmitting and receiving system is not limited tothat in the aforementioned embodiments.

For example, in the data transmitting and receiving system, the datatransmitting device may be a digital camera for taking images and thedata receiving device may be a data server which stores data on theimages taken by the digital camera. In this case, data to be transmittedfrom the digital camera is encrypted with a public key received from thedata server, and the data server which has received this data generatesa private key by the aforementioned method to decrypt the data. Whenthis received data has been decrypted, the data is stored, and when thedata has not been decrypted, the data is not stored.

Moreover, in the data transmitting and receiving system, the datatransmitting device may be a personal computer and the data receivingdevice may be a projector which projects image data transmitted from thepersonal computer. In this case, data to be transmitted from thepersonal computer is encrypted with a public key received from theprojector, and the projector which has received this data generates aprivate key by the aforementioned method to decrypt the data. When thisreceived data has been decrypted, the data is projected, and when thedata has not been decrypted, the data is not projected.

Further, in the data transmitting and receiving system, the datatransmitting device may be a content server for music or the like andthe data receiving device may be a playback device for content data suchas music transmitted from the content server. In this case, data to betransmitted from the content server is encrypted with a public keyreceived from the playback device, and the playback device which hasreceived this data generates a private key by the aforementioned methodto decrypt the data. When this received data has been decrypted, thedata is played back, and when the data has not been decrypted, the datais not played back.

Furthermore, the aforementioned embodiments are explained with the casewhere a print medium for the printers 30, 32 is a print sheet as anexample, but the print medium is not limited to this, and the presentinvention can be applied to other print media such as an OHP sheet andthe like.

Besides, as for each process explained in the aforementionedembodiments, it is possible to record a program to execute each processon a record medium such as a flexible disk, a CD-ROM (Compact Disc-ReadOnly Memory), a ROM, a memory card, or the like and distribute thisprogram in the form of the record medium. In this case, theaforementioned embodiments can be realized by making the print clients20, 22 and/or the printers 30, 32 read the record medium on which thisprogram is recorded and execute this program.

Additionally, the print clients 20, 22 and/or the printers 30, 32sometimes have other programs such as an operating system, otherapplication programs, and the like. In this case, by using these otherprograms in the print clients 20, 22 and/or the printers 30, 32, acommand, which calls a program to realize a process equal to that in theaforementioned embodiments out of programs in the print clients 20, 22and/or the printers 30, 32, may be recorded on the record medium.

Moreover, such a program can be distributed not in the form of therecord medium but in the form of a carrier wave via a network. Theprogram transmitted in the form of the carrier wave over the network isincorporated in the print clients 20, 22 and/or the printers 30, 32, andthe aforementioned embodiments can be realized by executing thisprogram.

Further, when being recorded on the record medium or transmitted as thecarrier wave over the network, the program is sometimes encrypted orcompressed. In this case, the print clients 20, 22 and/or the printers30, 32 which have read the program from the record medium or the carrierwave need to execute the program after decrypting or expanding it.

1. A The printer which processes print data, comprising: a printerposition information acquisition unit which acquires printer positioninformation to specify a place where the printer is installed; a firstprinter position information acquisition unit which acquires printerposition information from the printer position information acquisitionunit, this printer position information being regarded as first printerposition information; a public key generator which generates a publickey with a passphrase containing at least the first printer positioninformation and a given number; a print data receiver which receivesprint data encrypted with the public key; a second printer positioninformation acquisition unit which acquires printer position informationfrom the printer position information acquisition unit when the printdata has been received, this printer position information being regardedas second printer position information; a private key generator whichgenerates a private key with a passphrase containing at least the secondprinter position information and the given number; a decrypter whichdecrypts the print data received by the print data receiver with theprivate key; a print executor which executes a print operation based onthe print data when the print data has been decrypted with the privatekey and which does not execute the print operation based on the printdata when the print data has not been decrypted with the private key;and a given number holder which holds the given number used in thepublic key generator, wherein even if a private key is generated whenthe public key generator generates the public key, the private key isdeleted.
 2. The printer according to claim 1, further comprising: apublic key acquisition request receiver which receives a public keyacquisition request from a print client; and a public key transmitterwhich transmits the public key generated by the public key generator tothe print client which has transmitted the public key acquisitionrequest.
 3. The printer according to claim 2, wherein one given numberis held in the given number holder in the printer.
 4. The printeraccording to claim 2, wherein one given number for each of the printclients is held in the given number holder.
 5. The printer according toclaim 4, further comprising: a print client identification informationreceiver which receives print client identification information which isnot encrypted with the public key in addition to the print dataencrypted with the public key; and a given number acquisition whichacquires the given number of the print client which has transmitted theprint data based on the print client identification information from thegiven number holder.
 6. The printer according to claim 2, wherein onegiven number for each user is held in the given number holder.
 7. Theprinter according to claim 6, further comprising: a user identificationinformation receiver which receives user identification informationwhich is not encrypted with the public key in addition to the print dataencrypted with the public key; and a given number acquisition whichacquires the given number of a user who has transmitted the print databased on the user identification information from the given numberholder.
 8. The printer according to claim 1, wherein the public keygenerator generates the given number for generating the public key inresponse to a public key acquisition request transmitted from a printclient for each print job.
 9. The printer according to claim 8, furthercomprising a given number deleter which deletes the given number held inthe given number holder after the private key is generated by theprivate key generator.
 10. A The printer which processes print data,comprising: a printer position information acquisition unit whichacquires printer position information to specify a place where theprinter is installed; a first printer position information acquisitionunit which acquires printer position information from the printerposition information acquisition unit, this printer position informationbeing regarded as first printer position information; a public keygenerator which generates a public key with a passphrase containing atleast the first printer position information and a given number; a printdata receiver which receives print data encrypted with the public key; asecond printer position information acquisition unit which acquiresprinter position information from the printer position informationacquisition unit when the print data has been received, this printerposition information being regarded as second printer positioninformation; a private key generator which generates a private key witha passphrase containing at least the second printer position informationand the given number; and a decrypter which decrypts the print datareceived by the print data receiver with the private key; a printexecutor which executes a print operation based on the print data whenthe print data has been decrypted with the private key and which doesnot execute the print operation based on the print data when the printdata has not been decrypted with the private key; a public key and givennumber transmitter which transmits, to a print client, the public keygenerated by the public key generator and the given number used when thepublic key is generated; and a given number receiver which receives thegiven number from the print client, wherein the private key generatorgenerates the private key with the passphrase containing at least thesecond printer position information and the given number received by thegiven number receiver, and even if a private key is generated when thepublic key generator generates the public key, the private key isdeleted.
 11. The printer according to claim 10, wherein when receiving apublic key acquisition request from the print client, the public keygenerator generates the public key and the given number, and the publickey and given number transmitter transmits the public key and the givennumber to the print client which has transmitted the public keyacquisition request.
 12. The printer according to claim 10, wherein thepublic key generator generates the given number for generating thepublic key in response to a public key acquisition request transmittedfrom the print client for each print job.
 13. The printer according toclaim 12, wherein the given number used when the public key generatorgenerates the public key is deleted after the public key and givennumber transmitter transmits the given number.
 14. A printer whichprocesses print data, comprising: a printer position informationacquisition unit which acquires printer position information to specifya place where the printer is installed; a first printer positioninformation acquisition unit which acquires printer position informationfrom the printer position information acquisition unit, this printerposition information being regarded as first printer positioninformation; a public key generator which generates a public key with apassphrase containing at least the first printer position informationand a given number; a print data receiver which receives print dataencrypted with the public key; a second printer position informationacquisition unit which acquires printer position information from theprinter position information acquisition unit when the print data hasbeen received, this printer position information being regarded assecond printer position information; a private key generator whichgenerates a private key with a passphrase containing at least the secondprinter position information and the given number; a decrypter whichdecrypts the print data received by the print data receiver with theprivate key; a print executor which executes a print operation based onthe print data when the print data has been decrypted with the privatekey and which does not execute the print operation based on the printdata when the print data has not been decrypted with the private key; apublic key information transmitter which transmits, to the print client,the public key generated by the public key generator and informationnecessary for deriving the given number used when the public key isgenerated; and a given number receiver which receives the given numberfrom the print client, wherein the private key generator generates theprivate key with the passphrase containing at least the second printerposition information and the given number received by the given numberreceiver, and even if a private key is generated when the public keygenerator generates the public key, the private key is deleted.
 15. Theprinter according to claim 14, wherein the information necessary forderiving the given number is an algorithm which derives the given numberand additional information for the derivation.
 16. The printer accordingto any one of claims 1 to 15, wherein the given number is a randomnumber.
 17. A control method of a printer which processes print data,comprising the steps of: acquiring printer position information tospecify a place where the printer is installed from a printer positioninformation acquisition unit, this printer position information beingregarded as first printer position information; generating a public keywith a passphrase containing at least the first printer positioninformation and a given number, the given number being held in a givennumber holder; receiving print data from a print client; acquiringprinter position information from the printer position informationacquisition unit when the print data has been received, this printerposition information being regarded as second printer positioninformation; generating a private key with a passphrase containing atleast the second printer position information and the given number;decrypting the received print data with the private key; and executing aprint operation based on the print data when the print data has beendecrypted with the private key and not executing the print operationbased on the print data when the print data has not been decrypted withthe private key, wherein even if a private key is generated when thepublic key is generated, the private key is deleted.
 18. A print systemincluding at least one printer and at least one print client connectedto the printer via a network, wherein the printer comprises: a printerposition information acquisition unit which acquires printer positioninformation to specify a place where the printer is installed; a firstprinter position information acquisition unit which acquires printerposition information from the printer position information acquisitionunit, this printer position information being regarded as first printerposition information; and a public key generator which generates apublic key with a passphrase containing at least the first printerposition information and a given number, the print client comprises: aprint data generator which generates print data to be printed by theprinter; and a print data transmitter which encrypts the print data withthe public key and transmits the encrypted print data to the printer,and the printer further comprises: a print data receiver which receivesthe print data encrypted with the public key and transmitted from theprint client; a second printer position information acquisition unitwhich acquires printer position information from the printer positioninformation acquisition unit when the print data has been received, thisprinter position information being regarded as second printer positioninformation; a private key generator which generates a private key witha passphrase containing at least the second printer position informationand the given number; a decrypter which decrypts the print data receivedby the print data receiver with the private key; a print executor whichexecutes a print operation based on the print data when the print datahas been decrypted with the private key and which does not execute theprint operation based on the print data when the print data has not beendecrypted with the private key; and a given number holder which holdsthe given number used in the public key generator, wherein even if aprivate key is generated when the public key generator generates thepublic key, the private key is deleted.